Programmatic passwd files
I want to generate password protected directories automatically as we migrate away from manually created password protected passwords in cPanel. I see that cPanel creates the files in /.htpasswds/public_html/EXAMPLE_DIR. PHP doesn't have proper permissions to edit this file and still have Apache run the file as it needs to run as the 'nobody' user and the PHP script isn't in the same permissions group. Which makes sense, so what I tried doing was to create/migrate the passwd file to /public_html/EXAMPLE_DIR, Then update the .htaccess in /EXAMPLE_DIR to point to the new passwd file (now renamed .htpasswd). Except that if I visit the Directory Privacy screen again, it will undo all my work and revert everything somehow. I'm not even sure where it's storing this information that's its recovering these files from.
Since I don't know enough of what cPanel is doing to stop it from meddling, what would be the best way to accomplish this? These directories are using BASIC AUTH as a simple means of login (it's an old site) and I'd like to automate this some. How do I create these programmatically without cPanel screwing it up?
-
From what i can tell, it's doing the opposite of what i'm trying to do. If i create a folder with an .htaccess and .htpasswd file, it will automatically convert it to use the .htpasswds folder above public_html. Would something like this work then: 1. PHP creates a folder with a .htaccess and .htpasswd file when it 'Adds' a member. Then it will be valid until cPanel sees it. Once it sees it, it migrates it to the .htpasswds folder where it still works. 2. If PHP needs to update the password, it can recreate an .htaccess and .htpasswd in the same directory which will effectively change the password. THen if cpanel sees it, it will migrate the files again. 3. If someone wants to update the password via cpanel, as soon as they open up Directory Privacy, it will trigger the migration and then they can change the password and it will still apply properly. So at this point I'm thinking as long as I assume cpanel will migrate it eventually I can just overwrite the .htaccess and .htpasswd where PHP has permissions and if they move it should still work properly. Is that probably the best way to work around this? Or is there a better way? 0 -
Hey hey! I think that's the best plan, so I would try playing with that method a bit. I checked things on my end just now and I couldn't come up with any other solution that was better, so I'd give that a shot and go from there. You could also submit a feature request to see if we could change the behavior on our end. 0
Please sign in to leave a comment.
Comments
2 comments