Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Unraid-Web Password Protect web server

Featured Replies

I like the Unraid-Web feature that lets you have an http server to then share a folder, its pretty cool, but how can I assign passwords for directories, some sort of authentication so that I can have some protection? 

  • Author

I have read that, and that is why I posted on the forum because I could not find anything for Unraid-Web, the UnMenu addon.  My question was not how to protect a user share, but how to create a password for the UnRaid-Web webserver feature, so that when setting up the webserver it asks for authentication on certain folders before being able to access files remotely.   

 

Unraid-Web has a feature that lets you create a webserver, I believe on lighttpd and assign it a port on which that particular web server will run.  Then you point it at a folder and the contents of that folder immediately get put on the webserver. Now what i need is the web authentication method so that i can password protect access to who can access/view that content.  Lets say I have some files or photos in a particular folder, I want it to be password protected.

unRAID-web is just lighttpd so this question is not specifically related to unRAID.

 

My suggestion is to look on the lighttpd page or trying this google search.  That should get you started down the correct direction.

  • Author

I had actually run into the top search result of your suggested google search, the issue is I did not understand where/how to modify the lighttpd configuration files, nor how to do that. I did not know if it was previously something someone had done or maybe a user script or unmenu package had been created to make it simpler. 

 

Here are the instructions.

 

If you require authentication on certain directories using the Lighttpd web server, you can use Lighttpd's mod_auth module. It allows you to protect any directory in web server with access restrictions (just like Apache's password protected directory) .

 

Lighttpd supports both basic and digest authentication methods. Now consider following sample setup:

 

  1. Domain name: theos.in

  2. Directory (DocRoot) to protect with a password: /home/lighttpd/theos.in/http/docs

  3. Username: vivek

  4. Lighttpd password file: /home/lighttpd/.lighttpdpassword (this file should be outside default http document root)

 

How do I use Basic authentication method?

 

Easy to implement and password stored in cleartext format using files. If you are going to use this method make sure you use SSL (Secure Socket Layer) connection/encryption.

Step #1: Open /etc/lighttpd/lighttpd.conf file

 

Make sure mod_auth is loaded:

server.modules += ( "mod_auth" )

 

Now add following three directives:

auth.debug = 2

auth.backend = "plain"

auth.backend.plain.userfile = "/home/lighttpd/.lighttpdpassword"

 

Where,

 

    * auth.debug = 2 : Specify debug level (0 turns off debug message, 1 for authentication ok message and 2 for detailed/verbose debugging message). This is useful for troubleshooting authentication problem. It logs message in access.log and error.log files

    * auth.backend = "plain" : You are using plain text backend (other options are ldap, htpasswd and others)

    * auth.backend.plain.userfile = "/home/lighttpd/.lighttpdpassword" : Filename of the username:password storage

 

Next, you need specify which directory you want to password protect. For example, consider directory /home/lighttpd/theos.in/http/docs directory. Find out your domains virtual hosting section (theos.in) and append following text:

auth.require = ( "/docs/" =>

(

"method" => "basic",

"realm" => "Password protected area",

"require" => "user=vivek"

)

)

 

Where,

 

    * auth.require = ( "/docs/" => : Directory name

    * "method" => "basic", : Authentication type

    * "realm" => "Password protected area", : Password realm/message

    * "require" => "user=vivek" : Only user vivek can use /docs/

 

At the end, your configuration should read as follows:

$HTTP["host"] == "theos.in" {

server.document-root = "/home/lighttpd/theos.in/http"

server.errorlog = "/var/log/lighttpd/theos.in/error.log"

accesslog.filename = "/var/log/lighttpd/theos.in/access.log"

auth.require = ( "/docs/" =>

(

"method" => "basic",

"realm" => "Password protected area",

"require" => "user=vivek"

)

)

}

 

Save and close the file.

Step # 2: Create a password file

 

Create a plain text username (vivek) and password file:

# vi /home/lighttpd/.lighttpdpassword

 

Append username:password:

vivek:mysecretepassword

 

Where,

 

    * vivek - is the name of a user. Please note that do not use a system user stored in /etc/passwd file. It is recommended that you use a different username that only exists for the purpose of authenticating password protected directories.

    * mysecretepassword - is the password for user vivek (must be in clear text format for plain text method)

 

Save and close the file. Make sure file /home/lighttpd/.lighttpdpassword is readable by lighttpd:

# chown lighttpd:lighttpd /home/lighttpd/.lighttpdpassword

 

Finally, restart lighttpd server:

# /etc/init.d/lighttpd restart

Step # 3: Test your configuration

 

Fire your browser and point a web browser to http://yourdomain.com/docs/ or http://localhost/docs/ or http://ip-address/docs. You should be prompted for a username and password.

 

Lighttpd password dialog

 

This way you can restrict access to certain areas of your website. Make sure you also use SSL encryption for authenticating users and secure digest authentication.

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.