Password protect web folders on linux- htaccess

create a file called htaccess and type in the following

AuthUserFile /usr/local/apache/htdocs/admin/.htpasswd
AuthName “Authorization Required”
AuthType Basic
require valid-user

the htpasswd file can be create using the following method

from ssh _ shell access needed

htpasswd -c /home/user/.htpasswd admin

the above will create a password file with the user admin .. the password will be encryted

in summary , the htaccess file goes nto the folder you wish to protect . the htpasswd file will go into a none public folder ..

——-

# mod_rewrite
<Directory “/homedir/htdocs”>
Options +FollowSymLinks
AllowOverride All
</Directory>

apache saying “[warn] NameVirtualHost 192.0.0.0:80 has no VirtualHosts”

httpd failed!!!!

NameVirtualhosting 192.0.0.0:80 has no virtualhosts

scary huh –read on

apache saying “[warn] NameVirtualHost 192.0.0.0:80 has no VirtualHosts”

we began getting this error after we updated the SSL cert for one of our domains.

We corrupted httpd.conf .. easy fix .. restored a backup copy hhahahah yeh right..

The fix we used was to completely remove the SSL host and recreate it. Serious!

The server was running cpanel , so this was kinda easy since whm was still working without apache.

OPENSSL Install

NSTALLATION ON THE UNIX PLATFORM
———————————

[Installation on Windows, OpenVMS and MacOS (before MacOS X) is described
in INSTALL.W32, INSTALL.VMS and INSTALL.MacOS.]

To install OpenSSL, you will need:

* Perl 5
* an ANSI C compiler
* a supported Unix operating system

Quick Start
———–

If you want to just get on with it, do:

$ ./config
$ make
$ make test
$ make install

[If any of these steps fails, see section Installation in Detail below.]

This will build and install OpenSSL in the default location, which is (for
historical reasons) /usr/local/ssl. If you want to install it anywhere else,
run config like this:

$ ./config –prefix=/usr/local –openssldir=/usr/local/openssl

Configuration Options
———————

There are several options to ./config (or ./Configure) to customize
the build:

–prefix=DIR Install in DIR/bin, DIR/lib, DIR/include/openssl.
Configuration files used by OpenSSL will be in DIR/ssl
or the directory specified by –openssldir.

–openssldir=DIR Directory for OpenSSL files. If no prefix is specified,
the library files and binaries are also installed there.

rsaref Build with RSADSI’s RSAREF toolkit (this assumes that
librsaref.a is in the library search path).

no-threads Don’t try to build with support for multi-threaded
applications.

threads Build with support for multi-threaded applications.
This will usually require additional system-dependent options!
See “Note on multi-threading” below.

no-shared Don’t try to create shared libraries.

shared In addition to the usual static libraries, create shared
libraries on platforms where it’s supported. See “Note on
shared libraries” below.

no-asm Do not use assembler code.

386 Use the 80386 instruction set only (the default x86 code is
more efficient, but requires at least a 486).

no- Build without the specified cipher (bf, cast, des, dh, dsa,
hmac, md2, md5, mdc2, rc2, rc4, rc5, rsa, sha).
The crypto/ directory can be removed after running
“make depend”.

-Dxxx, -lxxx, -Lxxx, -fxxx, -Kxxx These system specific options will
be passed through to the compiler to allow you to
define preprocessor symbols, specify additional libraries,
library directories or other compiler options.

Installation in Detail
———————-

1a. Configure OpenSSL for your operation system automatically:

$ ./config [options]

This guesses at your operating system (and compiler, if necessary) and
configures OpenSSL based on this guess. Run ./config -t to see
if it guessed correctly. If you want to use a different compiler, you
are cross-compiling for another platform, or the ./config guess was
wrong for other reasons, go to step 1b. Otherwise go to step 2.

On some systems, you can include debugging information as follows:

$ ./config -d [options]

1b. Configure OpenSSL for your operating system manually

OpenSSL knows about a range of different operating system, hardware and
compiler combinations. To see the ones it knows about, run

$ ./Configure

Pick a suitable name from the list that matches your system. For most
operating systems there is a choice between using “cc” or “gcc”. When
you have identified your system (and if necessary compiler) use this name
as the argument to ./Configure. For example, a “linux-elf” user would
run:

$ ./Configure linux-elf [options]

If your system is not available, you will have to edit the Configure
program and add the correct configuration for your system. The
generic configurations “cc” or “gcc” should usually work on 32 bit
systems.

Configure creates the file Makefile.ssl from Makefile.org and
defines various macros in crypto/opensslconf.h (generated from
crypto/opensslconf.h.in).

2. Build OpenSSL by running:

$ make

This will build the OpenSSL libraries (libcrypto.a and libssl.a) and the
OpenSSL binary (“openssl”). The libraries will be built in the top-level
directory, and the binary will be in the “apps” directory.

If “make” fails, look at the output. There may be reasons for
the failure that isn’t a problem in OpenSSL itself (like missing
standard headers). If it is a problem with OpenSSL itself, please
report the problem to (note that your
message will be forwarded to a public mailing list). Include the
output of “make report” in your message.

[If you encounter assembler error messages, try the “no-asm”
configuration option as an immediate fix.]

Compiling parts of OpenSSL with gcc and others with the system
compiler will result in unresolved symbols on some systems.

3. After a successful build, the libraries should be tested. Run:

$ make test

If a test fails, look at the output. There may be reasons for
the failure that isn’t a problem in OpenSSL itself (like a missing
or malfunctioning bc). If it is a problem with OpenSSL itself,
try removing any compiler optimization flags from the CFLAGS line
in Makefile.ssl and run “make clean; make”. Please send a bug
report to , including the output of
“make report”.

4. If everything tests ok, install OpenSSL with

$ make install

This will create the installation directory (if it does not exist) and
then the following subdirectories:

certs Initially empty, this is the default location
for certificate files.
man/man1 Manual pages for the ‘openssl’ command line tool
man/man3 Manual pages for the libraries (very incomplete)
misc Various scripts.
private Initially empty, this is the default location
for private key files.

If you didn’t choose a different installation prefix, the
following additional subdirectories will be created:

bin Contains the openssl binary and a few other
utility programs.
include/openssl Contains the header files needed if you want to
compile programs with libcrypto or libssl.
lib Contains the OpenSSL library files themselves.

Package builders who want to configure the library for standard
locations, but have the package installed somewhere else so that
it can easily be packaged, can use

$ make INSTALL_PREFIX=/tmp/package-root install

(or specify “–install_prefix=/tmp/package-root” as a configure
option). The specified prefix will be prepended to all
installation target filenames.

NOTE: The header files used to reside directly in the include
directory, but have now been moved to include/openssl so that
OpenSSL can co-exist with other libraries which use some of the
same filenames. This means that applications that use OpenSSL
should now use C preprocessor directives of the form

#include

instead of “#include “, which was used with library versions
up to OpenSSL 0.9.2b.

If you install a new version of OpenSSL over an old library version,
you should delete the old header files in the include directory.

Compatibility issues:

* COMPILING existing applications

To compile an application that uses old filenames — e.g.
“#include ” –, it will usually be enough to find
the CFLAGS definition in the application’s Makefile and
add a C option such as

-I/usr/local/ssl/include/openssl

to it.

But don’t delete the existing -I option that points to
the …./include directory! Otherwise, OpenSSL header files
could not #include each other.

* WRITING applications

To write an application that is able to handle both the new
and the old directory layout, so that it can still be compiled
with library versions up to OpenSSL 0.9.2b without bothering
the user, you can proceed as follows:

– Always use the new filename of OpenSSL header files,
e.g. #include .

– Create a directory “incl” that contains only a symbolic
link named “openssl”, which points to the “include” directory
of OpenSSL.
For example, your application’s Makefile might contain the
following rule, if OPENSSLDIR is a pathname (absolute or
relative) of the directory where OpenSSL resides:

incl/openssl:
-mkdir incl
cd $(OPENSSLDIR) # Check whether the directory really exists
-ln -s `cd $(OPENSSLDIR); pwd`/include incl/openssl

You will have to add “incl/openssl” to the dependencies
of those C files that include some OpenSSL header file.

– Add “-Iincl” to your CFLAGS.

With these additions, the OpenSSL header files will be available
under both name variants if an old library version is used:
Your application can reach them under names like ,
while the header files still are able to #include each other
with names of the form .

Note on multi-threading
———————–

For some systems, the OpenSSL Configure script knows what compiler options
are needed to generate a library that is suitable for multi-threaded
applications. On these systems, support for multi-threading is enabled
by default; use the “no-threads” option to disable (this should never be
necessary).

On other systems, to enable support for multi-threading, you will have
to specify at least two options: “threads”, and a system-dependent option.
(The latter is “-D_REENTRANT” on various systems.) The default in this
case, obviously, is not to include support for multi-threading (but
you can still use “no-threads” to suppress an annoying warning message
from the Configure script.)

Note on shared libraries
————————

For some systems, the OpenSSL Configure script knows what is needed to
build shared libraries for libcrypto and libssl. On these systems,
the shared libraries are currently not created by default, but giving
the option “shared” will get them created. This method supports Makefile
targets for shared library creation, like linux-shared. Those targets
can currently be used on their own just as well, but this is expected
to change in future versions of OpenSSL.

How to Compile the Linux Kernel

 RedHat is not Linux, it is a distribution based on the Linux kernel. The Linux kernel is a complex program which provides the underlying services to the rest of a Linux distribution. But it is easy to add new features or improvments to it as, unlike commercial operating systems like Windows 95 or MacOS, the source code is freely available. It is common practice with a Linux based operating system to recompile the kernel from source and much effort has been put in to make this a realitively user-friendly experience.
Why Compile a New Kernel?
You may be thinking “But why recompile it? It works fine as it is.” There are three reasons for a recompile. Firstly, you may have some hardware that is so new that there’s no kernel module for it in on your distribution CD. Secondly, you may have come across some kind of bug which is fixed in a revision of the operating system. Lastly, you may have some new software which requires a newer version of the operating system.
Getting the Kernel Sources
The most recent releases of the kernel sources are available on ftp.kernel.org. This site is mirrored worldwide so there is probably a fast copy of it somewhere near you. Locate the file for the latest version of the operating system and download it to /usr/src. Then issue the tar zxf command to unpack it.
Alternatively, if you already have the kernel sources and only need to upgrade one version number (from 2.2.1 to 2.2.2 for instance) then download the patch file to /usr/src and then use the command:gzip -dc patch-2.2.2.gz |patch -p0

to upgrade your old kernel sources. Patch files are much smaller to download than the whole thing.

If you do not need the very latest version, then installing a kernel source package from your distribution CD may be an easier way to proceed.
Configuring For a Build
Change directory to /usr/src/Linux and issue the command:

make menuconfig

This will build a few programs and then quickly pop up a window. The window menu lets you alter many aspects of kernel configuration.

After you have made any necessary changes, save the configuration and follow these instructions–do a

make dep; make clean

The first of these commands builds the tree of interdependencies in the kernel sources. These dependencies may have been affected by the options you have choosen in the configure step. The make clean purges any now-unwanted files left from previous builds of the kernel.

Then you are ready to go! Issue this command:

make zImage

and then, if you are on a machine slower than a Pentium 200, go and make a cup of tea. This takes about 20 minutes on a Pentium 90…the kernel has a lot of source code as you may have noticed when downloading it. When this is complete do a:

make modules

This will not take as long.
Installing a New Kernel
Phew, finally! The last step is installing the new kernel. On an Intel-based system the kernel is installed to the right place in /boot with the command

cp /usr/Linux/src/arch/i386/boot/zImage /boot/newkernel

then

make modules_install

This will install the modules in /lib/modules. Next, edit /etc/lilo.conf to add a section like this

image = /boot/newkernel

label = new

read-only

At the next reboot, select the kernel ‘new’ in lilo, and it will load the new kernel. If it works fine, move it to the first position in the lilo.conf so it will boot every time by default.
Summary
Compiling the kernel is a relatively simple operation- if you have done it before! At first it can seem daunting. There are many Web sites dedicated to the kernel; at the left are just a few.

Installing a Wireless Card via linux

This doc is out of date as most of the linux distros now have support for wireless cards My configuration was a laptop running Centos w/netgear ws511 wireless card
You will need ndiswrapper in order to get your wireless card to work under linux..
[http://ndiswrapper.sourceforge.net/|Get Ndiswrapper]

PrerequisitesYou need a recent kernel at least 2.6.6 or 2.4.26 with source. Under Red Hat or Mandrake, the sources can be installed using the package kernel-source.rpm. Make sure there is a link to the kernel source from the modules directory. /lib/modules/VERSION/build should be a link to the kernel source, where VERSION is the version of the kernel you are running. If there is no link, you’ll get an error at the make install step. To create a link, assuming the kernel sources are present, use the commandln -s /usr/src/linux- /lib/modules/VERSION/build

Make sure you have started compiling the kernel sources, so needed header files are present. Some vendors ship ndiswrapper in their distributions. Either use it or make sure you remove it before installing ndiswrapper by yourself. Make sure you have the Wireless Tools installed. Again, there is a package that comes along with Red Hat and Mandrake distributions. If you are using Debian you can install the wireless-tools package from the mirror, here
[edit]
Upgrading

It is always a good idea to Uninstall the current version and reinstall the new version. This way, if there are changes in formats of configuration files etc., the new version will work without problems.
[edit]
Downloading

Download the latest version of the ndiswrapper sources from here and extract it with

tar zxvf ndiswrapper-version.tar.gz

This will create ndiswrapper-version directory. Change to that directory with

cd ndiswrapper-version.

If you are having problems with release version or you want to try bleeding-edge version, you can either get the latest snapshot tar ball from here, or latest CVS version with

cvs -z3 -d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/ndiswrapper co ndiswrapper

Note that the snapshot tar balls and CVS versions may or may not work they may not even compile. If you have problems with these, please don’t complain, except to provide feedback/debug trace to help fix bugs. However, sometimes, these may work better than release versions, as bugs are fixed, features are added etc.
[edit]
Installation
[edit]
Compile and install
Go to source-directory and do

make distclean

As root run

make

and then

make install

This should compile and install both the kernel module and the userspace utilities.
[edit]
Install Windows driver

Important: Do NOT use drivers on your CD. They may work, but you may experience kernel crashes etc., if the driver on your CD has not been tested.
Instead, you need to download appropriate Windows XP driver for your card from the Wiki entry List. To identify the driver that you need, first identify the card you have with ‘lspci’ and note the first column such as 0000:00:0c.0 and then find out the PCI ID of the card that with ‘lspci -n’ corresponding to the first column of ‘lspci’ output.
The PCI ID is third column or fourth in some distributions and of the form ‘104c:8400’. Now you need to get the Windows driver for this chipset. In the List, find out an entry for the same PCI ID and download the driver corresponding to it. Unpack the Windows driver with unzip/cabextract/unshield tools and find the INF file (.INF or .inf extension) and the SYS file (.SYS or .sys extension).
If there are multiple INF/SYS files, you may look in the List if there are any hints about which of them should be used. Make sure the INF file, SYS file and any BIN files for example, TI drivers use BIN firmware files are all in one directory. Now use ‘ndiswrapper’ tool to install the driver with

ndiswrapper -i filename.inf

This copies all necessary files to /etc/ndiswrapper and creates the config files for your card. After installing you can run

ndiswrapper -l

to see the status of your installed drivers. If you have installed the correct driver you should see something like this

Installed ndis drivers:
bcmwl5 driver present, hardware present

Where ‘present’ means that you have a card that can be used with the driver installed. In this case, broadcom driver bcmwl5 is used. If you see ‘cannot locate lspci. Unable to see if hardware is present’, you need to install the pciutils package.
[edit]
Load module:
Before you load the module DO NOT FORGET to type

depmod -a

If there is no error, continue. To load the module type

modprobe ndiswrapper

If you get no error the driver should now be loaded. You can verify this by checking system log produced by dmesg. If the driver is loaded successfully, you should see a message in the system log

ndiswrapper version loaded

Make sure the version here matches the version of ndiswrapper package that you downloaded and installed. If you get a different version, you have old version of package, which you should Uninstall and go back to step 1.

If after modprob’ing, system is locked up no response to keyboard etc., it indicates that kernel has crashed. See Distributions and FAQ for hints on what may cause problems for your distribution/kernel.
If you have successfully installed windows drivers earlier with ndiswrapper -i INFfile, the ndiswrapper module will load them all. You should then see the following messages in system log

ndiswrapper: driver ”driver1” added

for each of the drivers. If you don’t see these messages, it usually means that there are no usable drivers installed in /etc/ndiswrapper directory. Check if the /etc/ndiswrapper directory has one sub-directory for each driver and if in each driver’s directory there are inf, sys and conf files. Otherwise, you may need to repeat step 2.

If this does not bring up the lights on the card, try ejecting it and re-inserting it.

If the system has a card that works with one of the loaded drivers, you should see the following message in the system log

wlan0: ndiswrapper ethernet device xx:xx:xx:xx:xx:xx

[edit]
Configure interface:
Use iwconfig to configure wireless network interface. First, see if the interface is available, with

iwconfig

This tool is not likely to be present on your system : it is part of the package Wireless Tools for Linux, which you should install. This will print the wireless interface e.g., wlan0. In the examples below wlan0 is used replace wlan0 with the interface reported by iwconfig above. The wireless configuration to be used should match what your Access Point AP uses. First, find out if you can see your access point (AP) with

iwlist wlan0 scan

Note: You may have to set the network name before the scan can find your Access Point. If the scan does not find your AP, try issuing the command

iwconfig wlan0 essid ‘ESSID’

before the using the command

iwlist wlan0 scan

If this lists your AP, you can continue. Otherwise, you may have one of two problems: Your AP doesn’t broadcast SSID see the FAQ for more information or the radio of the card is off again, see the FAQ for details. If you see the AP in scan above, set the operating mode of the interface according to your setup. In most cases, it is Managed

iwconfig wlan0 mode Managed

If you use encryption WEP, set the key:

iwconfig wlan0 key restricted XXXXXXXX

You can use 10 hex digits for 40-bit encryption or 26 hex digits for 128-bit encryption. You may need to use open security mode instead of restricted depending on the setup of your AP. If you want to write the key in ASCII use s: e.g. iwconfig wlan0 key restricted s:password. Set the network name

iwconfig wlan0 essid ‘ESSID’

Replace ESSID with the network name used by your AP.

At this point, check to make sure that ESSID is set in output of iwconfig wlan0. If you see the ESSID as you set, you can proceed to next step. If you see ESSID: off/any, then your card is not associated to AP. Check if WEP encryption is set exactly as used by AP and the AP broadcasts ESSID. See FAQ for more details. Until ESSID is set in output of iwconfig wlan0, you may not use wlan0 as network interface.
Now, setup the network parameters for the interface wlan0. This varies from distribution to distribution. Refer to your distribution’s documents on how to do this. Once this is done, you can use network tools to bring up the network e.g.,

ifconfig wlan0 up

or

dhclient wlan0

or

dhcpcd wlan0

etc.

Remember, if you have a firewall, to let it know that wlan0 is an external interface and allow it to pass traffic otherwise you won’t even be able to ping your AP.

If you receive the following error message

ifup wlan0
ignoring unknown interface wlan0=wlan0

then you will need to add your own IP manually by simply entering

ifconfig wlan0
/sbin/route add default gw

This should allow you onto the internet for this session only.

[edit]
Running at Startup:
Create module alias: Once everything works fine you can write the correct modprobe settings to load ndiswrapper automatically when wlan0 interface is used, by running

ndiswrapper -m

Note that this doesn’t automatically load ndiswrapper module at boot time. If you want the module to be loaded automatically at boot time, you should configure your module setup, which depends on the distrbution. Most distributions will load all modules listed in /etc/modules at boot time. Mandrake 10.x uses /etc/modprobe.preload. For them, you can add a line

ndiswrapper

in /etc/modules.

If you had the ignoring unknown interface wlan0=wlan0 error earlier you will need to edit your /etc/network/interfaces file and change all occurences of eth0 to wlan0

Computer , server issues and solutions