Password protect Chevereto

Rodolfo

⭐ Chevereto Godlike
Chevereto Staff
Administrator
This manual will help you to set up a password protected Chevereto, with the ability of display the uploaded images to non authorized users.

What does
Ask for user:password in .php and .js files, so if someone want to upload an image, he or she will need the permission to do this. And, this will no ask for user:password when someone wants to see an uploaded image.

Step by step HOW TO
Add this in your .htaccess
Code:
AuthName "Restricted Area" 
AuthType Basic 
AuthUserFile /home/full/path/to/thepasswordfile/.htpasswd 
AuthGroupFile /dev/null 
<Files *.php>
require valid-user
</Files>
<Files *.js>
require valid-user
</Files>

So, you can use any name in the AuthName, like "Who are you?" or "Please enter your user and password"... It's your call. In AuthUserFile you must put the full path to your user:password list (.htpasswd), The easiest way is to puth this file in the same place of the Chevereto instalation. You can get this path looking up the path bar of your FTP program.

Then create a .htpasswd file and copy the user:password in a new file named .htpasswd witch has to be uploaded to the path that you choose earlier.

And that is all... Now you have a password protected Chevereto... Wich can be used to a very personal or selected usage. You can set a lot of users in your .htpasswd file, one user:password per line and you are ready.

;)
 

jashsayani

Chevereto Noob
Thanks.

This would help for restricting non-authorized users from viewing a particular directory. But a complete User account system would be really helpful. With the ability to have users that can login, upload images, view all their images, delete them, etc.

Like discussed here: http://chevereto.com/foro/post677.html
:)
 

Rodolfo

⭐ Chevereto Godlike
Chevereto Staff
Administrator
Not really... This ask for user:password in order to use any .php file, not a directory. So no one can upload without the right user:password but anyone can see the uploaded images (if they have the url). It's closer to your suggestion, but your suggestion has a lot more of minerals and work to do.

Look a this, a password protected Chevereto:
http://dev.chevereto.com

But, you can see this image... and even show it right here.
304.jpg


So, if you want a personal image host to share with the world and easy set up who can upload, this is for you.
 

Pame

Chevereto Noob
I put this htpasswd file in the same place of my Chevereto installation

I added your code into the .htaccess file supplied like that...

Code:
<Files ~ "^\.ht">
order allow,deny
deny from all
</files>

ErrorDocument 400 /index.php?p=400
ErrorDocument 401 /index.php?p=401
ErrorDocument 403 /index.php?p=403
ErrorDocument 404 /index.php?p=404
ErrorDocument 500 /index.php?p=500
ErrorDocument 503 /index.php?p=503

AuthName "Restricted Area" 
AuthType Basic 
AuthUserFile /my-patch/.htpasswd 
AuthGroupFile /dev/null 
<Files *.php>
require valid-user
</Files>
<Files *.js>
require valid-user
</Files>

But... 500 Internal Server Error !
Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, webmaster@register.it and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

Please! could you tell me why ?
 

Dustin

Chevereto Noob
i had the same problem at one of my recent hosts:

Some hosts are handling the htaccess requests through their sql databases.
Add the following code to the htaccess and try again:

Code:
Auth_Mysql off

solved my problem ;)
 

Peder Johnsen

Chevereto Noob
jashsayani said:
Thanks.

This would help for restricting non-authorized users from viewing a particular directory. But a complete User account system would be really helpful. With the ability to have users that can login, upload images, view all their images, delete them, etc.

Like discussed here: http://chevereto.com/foro/post677.html
:)
I am currently working on something like that :).

But I have run into a few problems mentioned here:
http://chevereto.com/foro/post1633.html
 

Aust

Chevereto Noob
Code:
AuthName "Restricted Area" 
AuthType Basic 
AuthUserFile /home/full/path/to/thepasswordfile/.htpasswd 
AuthGroupFile /dev/null 
<Files *.php>
require valid-user
</Files>
<Files *.js>
require valid-user
</Files>

it's cool, I can see the uploaded direct images but...
When I click on thumbnails a can't see viewer (it's restricted area). How to fix it?
plz help :(
 

Aust

Chevereto Noob
OK I find out, in index.php replece:

Code:
<input tabindex="2" value="[url=<?=$URLvim?>][img]<?=$URLthm?>[/img][/url]" onclick="this.focus();this.select();"

>>>>

Code:
<input tabindex="2" value="[url=<?=$URLimg?>][img]<?=$URLthm?>[/img][/url]" onclick="this.focus();this.select();"

No viewer - no problem :p
 

Mike

Chevereto Noob
Hi. Can someone help me pls. I cant get this to work.

I placed my .htpasswd file on the same folder where I uploaded the chev files.

I tried these two .htaccess files and it did not work.

I get 404 error with this:

Code:
<Files ~ "^\.ht">
order allow,deny
deny from all
</files>

ErrorDocument 400 /index.php?p=400
ErrorDocument 401 /index.php?p=401
ErrorDocument 403 /index.php?p=403
ErrorDocument 404 /index.php?p=404
ErrorDocument 500 /index.php?p=500
ErrorDocument 503 /index.php?p=503

AuthName "Restricted Area" 
AuthType Basic 
AuthUserFile /.htpasswd 
AuthGroupFile /dev/null 
<Files *.php>
require valid-user
</Files>
<Files *.js>
require valid-user
</Files>

And i get "Internal Server Error" when i add "Auth_Mysql off ":

Code:
<Files ~ "^\.ht">
order allow,deny
deny from all
</files>

ErrorDocument 400 /index.php?p=400
ErrorDocument 401 /index.php?p=401
ErrorDocument 403 /index.php?p=403
ErrorDocument 404 /index.php?p=404
ErrorDocument 500 /index.php?p=500
ErrorDocument 503 /index.php?p=503

AuthName "Restricted Area" 
AuthType Basic 
AuthUserFile /.htpasswd 
AuthGroupFile /dev/null 
<Files *.php>
require valid-user
</Files>
<Files *.js>
require valid-user
</Files>
Auth_Mysql off

I'm using v1.91 Many thanks
 
Top