Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Tips/Tricks/Mods

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Thread Tools Display Modes
Old 26th January 2010, 21:43
theos theos is offline
Junior Member
Join Date: Sep 2006
Posts: 1
Thanks: 1
Thanked 3 Times in 1 Post
Default plugin for htpasswd for admins

Hi all,

I've created a little plugin that creates a htpassword-file containing all passwords of the clients that are created in ispconfig3.
I usually use this file to secure webapps like phpmyadmin.

Maybe it is useful for others. This is my first ispconfig3-plugin. Comments are welcome :)

Copy this file to /usr/local/ispconfig/server/plugins-available/adminpassword_plugin.inc.php
Then create a symlink in /usr/local/ispconfig/server/plugins-available
and create the entry $conf['services']['adminpassword'] = true; in /usr/local/ispconfig/lib/config.inc.php

  // this plugin automatically creates /var/www/.htpasswd_admin
  // TL Snelleman
  // borrowed some code from: http://www.howtoforge.com/forums/showthread.php?t=33026

class adminpassword_plugin {

        var $plugin_name = 'adminpassword_plugin';
        var $class_name  = 'adminpassword_plugin';

        //* This function is called during ispconfig installation to determine
        //  if a symlink shall be created for this plugin.
        function onInstall() {
                global $conf;

                if(@$conf['services']['adminpassword'] == true) {
                        return true;
                } else {
                        return false;

                This function is called when the plugin is loaded
        function onLoad() {
                global $app;

                Register for the events


        function htpassword_update($event_name,$data) {
                global $app, $conf;
                $result = $app->db->queryAllRecords("SELECT * FROM client c");

            	$fp = fopen("/var/www/.htpasswd_admin","w");
                if ($fp) {
			foreach($result as $row)
			    $username       = $row['username'];
			    $password       = $row['password'];
			    if ($password != "") {

	function client_insert($event_name,$data) {
                global $app, $conf;

        function client_update($event_name,$data) {
                global $app, $conf;

        function client_delete($event_name,$data) {
                global $app, $conf;

} //adminpassword_plugin

Last edited by theos; 26th January 2010 at 21:45. Reason: added [code]-tags
Reply With Quote
The Following 3 Users Say Thank You to theos For This Useful Post:
edge (27th January 2010), falko (27th January 2010), till (27th January 2010)
Sponsored Links
Old 27th January 2010, 13:53
till till is offline
Super Moderator
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 37,015
Thanks: 840
Thanked 5,652 Times in 4,461 Posts

Thanks for publishing your plugin! Just a small correction It must read:

Then create a symlink in /usr/local/ispconfig/server/plugins-enabled
Till Brehm
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
Old 27th January 2010, 17:41
prisfeo prisfeo is offline
Join Date: Jan 2010
Posts: 38
Thanks: 3
Thanked 2 Times in 2 Posts

thanks theos..i'll try..
in the meanwhile, i am in test-phase (ispconfig3+centos5.4)
but the main domain server is published,
so i have protected the http://ispconfig.mydomain.com/phpmyadmin
access through editing the following file:
modifying the following code (red):

# Except of the following directories that contain website scripts
<Directory /usr/share/phpmyadmin>
#Order allow,deny
#Allow from all

Order Deny,Allow
Deny from all
Allow from 192.168.1.


so only my private net can access to it..
i wonder..
in some changes of ispconfig3 made through the http panel
my above code modifications to /etc/httpd/conf/sites-available/ispconfig.conf will be overwritten ?

i have not used the ".htaccess" file cause i saw that in http.conf
the "AllowOverride" directive is set to "None"..
wil cause ipsconfig related web sites problems if i set to "All" ?

Reply With Quote
Old 2nd February 2010, 20:15
BorderAmigos BorderAmigos is offline
Senior Member
Join Date: Apr 2008
Location: San Diego & Tijuana
Posts: 302
Thanks: 26
Thanked 33 Times in 31 Posts
Send a message via MSN to BorderAmigos Send a message via Yahoo to BorderAmigos

Does this only run when a new site is created? I installed as above and modified an existing site so ISPConfig3 would update but no .htpasswd_admin file was created.
System6Hosting.com, ISPConfig 3, Debian.

Last edited by BorderAmigos; 2nd February 2010 at 20:21.
Reply With Quote
Old 4th February 2010, 14:38
fathertime fathertime is offline
Junior Member
Join Date: Jan 2010
Posts: 29
Thanks: 4
Thanked 0 Times in 0 Posts
Red face Couldn't get it to work.

The folder setup is different. I tried to use:

and not:


But it didn't work. I don't know if the directory issue is the problem or not.


Is there a way to password protect the phpmyadmin, even by using just the standard process to make a password protected directory?


I don't feel like the server is secured while this is open.

Thanks for the effort though.

Last edited by fathertime; 4th February 2010 at 14:39. Reason: forgot to say that I couldn't get it to work.
Reply With Quote
Old 16th February 2010, 23:30
admins admins is offline
Senior Member
Join Date: Apr 2009
Location: Switzerland
Posts: 210
Thanks: 6
Thanked 6 Times in 3 Posts

no answer?
it doesnt work.

Reply With Quote
Old 17th February 2010, 02:38
fathertime fathertime is offline
Junior Member
Join Date: Jan 2010
Posts: 29
Thanks: 4
Thanked 0 Times in 0 Posts
Default I couldn't get it to work yet.

I put this aside for a bit, while I worked on the ssl setup and configuration.

I couldn't get it to work as instructed in the first post.

I also cannot get .htpasswd or .htaccess to function correctly.

Chmod ... they are rwrr ?

folder used is /usr/share/phpmyadmin

I may be in the wrong folder, but from what I can gather I believe that I am in the right directory.

The end result is that the phpmyadmin is fully accessible via the various websites under /phpmyadmin.

Any suggestions?

Reply With Quote


admin, htaccess, htpasswd, ispconfig 3

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Spamsnake - Problem with spamassassin, FuzzyOcr and MySQL debuguser HOWTO-Related Questions 6 16th September 2008 19:37
Spamassassin not working hairydog2 General 7 12th July 2008 22:15
spamassasin/clamAV not working Daisy Installation/Configuration 32 15th February 2007 01:09
postfix-tls sasl2 mysql courier-authmysql gabrix Server Operation 4 12th January 2007 23:09
help with the Postfix Spam Filter using Ubuntu Dapper, MailScanner... tutorial the block Suggest HOWTO 1 8th November 2006 19:20

All times are GMT +2. The time now is 04:17.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.