Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Tips/Tricks/Mods

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 26th January 2010, 21:43
theos theos is offline
Junior Member
 
Join Date: Sep 2006
Posts: 1
Thanks: 1
Thanked 3 Times in 1 Post
Default plugin for htpasswd for admins

Hi all,

I've created a little plugin that creates a htpassword-file containing all passwords of the clients that are created in ispconfig3.
I usually use this file to secure webapps like phpmyadmin.

Maybe it is useful for others. This is my first ispconfig3-plugin. Comments are welcome :)

Copy this file to /usr/local/ispconfig/server/plugins-available/adminpassword_plugin.inc.php
Then create a symlink in /usr/local/ispconfig/server/plugins-available
and create the entry $conf['services']['adminpassword'] = true; in /usr/local/ispconfig/lib/config.inc.php

Code:
<?php
  // this plugin automatically creates /var/www/.htpasswd_admin
  // TL Snelleman
  // borrowed some code from: http://www.howtoforge.com/forums/showthread.php?t=33026

class adminpassword_plugin {

        var $plugin_name = 'adminpassword_plugin';
        var $class_name  = 'adminpassword_plugin';

        //* This function is called during ispconfig installation to determine
        //  if a symlink shall be created for this plugin.
        function onInstall() {
                global $conf;

                if(@$conf['services']['adminpassword'] == true) {
                        return true;
                } else {
                        return false;
                }
        }

        /*
                This function is called when the plugin is loaded
        */
        function onLoad() {
                global $app;

                /*
                Register for the events
                */

                $app->plugins->registerEvent('client_insert',$this->plugin_name,'client_insert');
                $app->plugins->registerEvent('client_update',$this->plugin_name,'client_update');
                $app->plugins->registerEvent('client_delete',$this->plugin_name,'client_delete');
        }

        function htpassword_update($event_name,$data) {
                global $app, $conf;
                $result = $app->db->queryAllRecords("SELECT * FROM client c");
           

            	$fp = fopen("/var/www/.htpasswd_admin","w");
                if ($fp) {
			foreach($result as $row)
			{
			    $username       = $row['username'];
			    $password       = $row['password'];
			    if ($password != "") {
			  	    fwrite($fp,$username.":".$password."\n");
			    }
			}
		}
                fclose($fp);
        }

	function client_insert($event_name,$data) {
                global $app, $conf;
                $this->htpassword_update($event_name,$data);
        }

        function client_update($event_name,$data) {
                global $app, $conf;
                $this->htpassword_update($event_name,$data);
        }

        function client_delete($event_name,$data) {
                global $app, $conf;
                $this->htpassword_update($event_name,$data);
        }

} //adminpassword_plugin
?>

Last edited by theos; 26th January 2010 at 21:45. Reason: added [code]-tags
Reply With Quote
The Following 3 Users Say Thank You to theos For This Useful Post:
edge (27th January 2010), falko (27th January 2010), till (27th January 2010)
Sponsored Links
  #2  
Old 27th January 2010, 13:53
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 36,802
Thanks: 840
Thanked 5,613 Times in 4,424 Posts
Default

Thanks for publishing your plugin! Just a small correction It must read:

Then create a symlink in /usr/local/ispconfig/server/plugins-enabled
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 27th January 2010, 17:41
prisfeo prisfeo is offline
Member
 
Join Date: Jan 2010
Posts: 38
Thanks: 3
Thanked 2 Times in 2 Posts
Default

thanks theos..i'll try..
..
in the meanwhile, i am in test-phase (ispconfig3+centos5.4)
but the main domain server is published,
so i have protected the http://ispconfig.mydomain.com/phpmyadmin
access through editing the following file:
/etc/httpd/conf/sites-available/ispconfig.conf
modifying the following code (red):

# Except of the following directories that contain website scripts
<Directory /usr/share/phpmyadmin>
#Order allow,deny
#Allow from all

Order Deny,Allow
Deny from all
Allow from 127.0.0.1 192.168.1.

</Directory>

so only my 192.168.1.0/24 private net can access to it..
i wonder..
in some changes of ispconfig3 made through the http panel
my above code modifications to /etc/httpd/conf/sites-available/ispconfig.conf will be overwritten ?

i have not used the ".htaccess" file cause i saw that in http.conf
the "AllowOverride" directive is set to "None"..
wil cause ipsconfig related web sites problems if i set to "All" ?

thanks,
bye.
Reply With Quote
  #4  
Old 2nd February 2010, 20:15
BorderAmigos BorderAmigos is offline
Senior Member
 
Join Date: Apr 2008
Location: San Diego & Tijuana
Posts: 302
Thanks: 26
Thanked 33 Times in 31 Posts
Send a message via MSN to BorderAmigos Send a message via Yahoo to BorderAmigos
Default

Does this only run when a new site is created? I installed as above and modified an existing site so ISPConfig3 would update but no .htpasswd_admin file was created.
__________________
System6Hosting.com, ISPConfig 3, Debian.

Last edited by BorderAmigos; 2nd February 2010 at 20:21.
Reply With Quote
  #5  
Old 4th February 2010, 14:38
fathertime fathertime is offline
Junior Member
 
Join Date: Jan 2010
Posts: 29
Thanks: 4
Thanked 0 Times in 0 Posts
Red face Couldn't get it to work.

The folder setup is different. I tried to use:
/usr/local/ispconfig/server/lib/config.inc.php

and not:

/usr/local/ispconfig/lib/config.inc.php

But it didn't work. I don't know if the directory issue is the problem or not.

---

Is there a way to password protect the phpmyadmin, even by using just the standard process to make a password protected directory?

htpasswd/htaccess?


I don't feel like the server is secured while this is open.

Thanks for the effort though.

Last edited by fathertime; 4th February 2010 at 14:39. Reason: forgot to say that I couldn't get it to work.
Reply With Quote
  #6  
Old 16th February 2010, 23:30
admins admins is offline
Senior Member
 
Join Date: Apr 2009
Location: Switzerland
Posts: 210
Thanks: 6
Thanked 6 Times in 3 Posts
Default

no answer?
it doesnt work.

thanks
admins
Reply With Quote
  #7  
Old 17th February 2010, 02:38
fathertime fathertime is offline
Junior Member
 
Join Date: Jan 2010
Posts: 29
Thanks: 4
Thanked 0 Times in 0 Posts
 
Default I couldn't get it to work yet.

I put this aside for a bit, while I worked on the ssl setup and configuration.

I couldn't get it to work as instructed in the first post.

I also cannot get .htpasswd or .htaccess to function correctly.

Chmod ... they are rwrr ?

folder used is /usr/share/phpmyadmin

I may be in the wrong folder, but from what I can gather I believe that I am in the right directory.

The end result is that the phpmyadmin is fully accessible via the various websites under /phpmyadmin.

Any suggestions?

T
Reply With Quote
Reply

Bookmarks

Tags
admin, htaccess, htpasswd, ispconfig 3

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Spamsnake - Problem with spamassassin, FuzzyOcr and MySQL debuguser HOWTO-Related Questions 6 16th September 2008 19:37
Spamassassin not working hairydog2 General 7 12th July 2008 22:15
spamassasin/clamAV not working Daisy Installation/Configuration 32 15th February 2007 01:09
postfix-tls sasl2 mysql courier-authmysql gabrix Server Operation 4 12th January 2007 23:09
help with the Postfix Spam Filter using Ubuntu Dapper, MailScanner... tutorial the block Suggest HOWTO 1 8th November 2006 19:20


All times are GMT +2. The time now is 18:13.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.