plugin for htpasswd for admins

Discussion in 'Tips/Tricks/Mods' started by theos, Jan 26, 2010.

  1. theos

    theos New Member

    Hi all,

    I've created a little plugin that creates a htpassword-file containing all passwords of the clients that are created in ispconfig3.
    I usually use this file to secure webapps like phpmyadmin.

    Maybe it is useful for others. This is my first ispconfig3-plugin. Comments are welcome :)

    Copy this file to /usr/local/ispconfig/server/plugins-available/adminpassword_plugin.inc.php
    Then create a symlink in /usr/local/ispconfig/server/plugins-available
    and create the entry $conf['services']['adminpassword'] = true; in /usr/local/ispconfig/lib/config.inc.php

    Code:
    <?php
      // this plugin automatically creates /var/www/.htpasswd_admin
      // TL Snelleman
      // borrowed some code from: http://www.howtoforge.com/forums/showthread.php?t=33026
    
    class adminpassword_plugin {
    
            var $plugin_name = 'adminpassword_plugin';
            var $class_name  = 'adminpassword_plugin';
    
            //* This function is called during ispconfig installation to determine
            //  if a symlink shall be created for this plugin.
            function onInstall() {
                    global $conf;
    
                    if(@$conf['services']['adminpassword'] == true) {
                            return true;
                    } else {
                            return false;
                    }
            }
    
            /*
                    This function is called when the plugin is loaded
            */
            function onLoad() {
                    global $app;
    
                    /*
                    Register for the events
                    */
    
                    $app->plugins->registerEvent('client_insert',$this->plugin_name,'client_insert');
                    $app->plugins->registerEvent('client_update',$this->plugin_name,'client_update');
                    $app->plugins->registerEvent('client_delete',$this->plugin_name,'client_delete');
            }
    
            function htpassword_update($event_name,$data) {
                    global $app, $conf;
                    $result = $app->db->queryAllRecords("SELECT * FROM client c");
               
    
                	$fp = fopen("/var/www/.htpasswd_admin","w");
                    if ($fp) {
    			foreach($result as $row)
    			{
    			    $username       = $row['username'];
    			    $password       = $row['password'];
    			    if ($password != "") {
    			  	    fwrite($fp,$username.":".$password."\n");
    			    }
    			}
    		}
                    fclose($fp);
            }
    
    	function client_insert($event_name,$data) {
                    global $app, $conf;
                    $this->htpassword_update($event_name,$data);
            }
    
            function client_update($event_name,$data) {
                    global $app, $conf;
                    $this->htpassword_update($event_name,$data);
            }
    
            function client_delete($event_name,$data) {
                    global $app, $conf;
                    $this->htpassword_update($event_name,$data);
            }
    
    } //adminpassword_plugin
    ?>
     
    Last edited: Jan 26, 2010
  2. till

    till Super Moderator

    Thanks for publishing your plugin! Just a small correction :) It must read:

    Then create a symlink in /usr/local/ispconfig/server/plugins-enabled
     
  3. prisfeo

    prisfeo New Member

    thanks theos..i'll try..
    ..
    in the meanwhile, i am in test-phase (ispconfig3+centos5.4)
    but the main domain server is published,
    so i have protected the http://ispconfig.mydomain.com/phpmyadmin
    access through editing the following file:
    /etc/httpd/conf/sites-available/ispconfig.conf
    modifying the following code (red):

    # Except of the following directories that contain website scripts
    <Directory /usr/share/phpmyadmin>
    #Order allow,deny
    #Allow from all

    Order Deny,Allow
    Deny from all
    Allow from 127.0.0.1 192.168.1.

    </Directory>

    so only my 192.168.1.0/24 private net can access to it..
    i wonder..
    in some changes of ispconfig3 made through the http panel
    my above code modifications to /etc/httpd/conf/sites-available/ispconfig.conf will be overwritten ?

    i have not used the ".htaccess" file cause i saw that in http.conf
    the "AllowOverride" directive is set to "None"..
    wil cause ipsconfig related web sites problems if i set to "All" ?

    thanks,
    bye.
     
  4. BorderAmigos

    BorderAmigos New Member

    Does this only run when a new site is created? I installed as above and modified an existing site so ISPConfig3 would update but no .htpasswd_admin file was created.
     
    Last edited: Feb 2, 2010
  5. fathertime

    fathertime New Member

    Couldn't get it to work.

    The folder setup is different. I tried to use:
    /usr/local/ispconfig/server/lib/config.inc.php

    and not:

    /usr/local/ispconfig/lib/config.inc.php

    But it didn't work. I don't know if the directory issue is the problem or not.

    ---

    Is there a way to password protect the phpmyadmin, even by using just the standard process to make a password protected directory?

    htpasswd/htaccess?


    I don't feel like the server is secured while this is open.

    Thanks for the effort though.
     
    Last edited: Feb 4, 2010
  6. admins

    admins Member

    no answer?
    it doesnt work.

    thanks
    admins
     
  7. fathertime

    fathertime New Member

    I couldn't get it to work yet.

    I put this aside for a bit, while I worked on the ssl setup and configuration.

    I couldn't get it to work as instructed in the first post.

    I also cannot get .htpasswd or .htaccess to function correctly.

    Chmod ... they are rwrr ?

    folder used is /usr/share/phpmyadmin

    I may be in the wrong folder, but from what I can gather I believe that I am in the right directory.

    The end result is that the phpmyadmin is fully accessible via the various websites under /phpmyadmin.

    Any suggestions?

    T
     

Share This Page