Originally Posted by Mouton
I'll work on the user htaccess restriction as soon as possible.
It seems to me that the .htaccess file even though has been used for decades , is a little messy. Would mod-auth-mysql be a cleaner/better solution?
One thing we have to keep in mind is if a user account gets disabled for some oddball reason. The .htaccess file will have to be modified and then again when the account is re-enabled. I believe if my memory serves me right, mod-auth-mysql has a variable just for things like that and it gives you the ability to use the same user accounts within the dbispconfig database.
There are some conns to this. mod-auth-mysql requires basic authentication (plain text).
Also, you would have to add something like this to the vhost.conf.master file.
<tmpl_if name='awstats' op='==' value='y'
<Directory <tmpl_var name='web_document_root_www'>/stats
AuthName "AWstats Service"
Auth_MySQL_Password <tmpl_var name='db_password'>
Auth_MySQL_Password_Clause " AND enabled=1"
require group <tmpl_var name='system_group'>