How to password protect root / default webpage

Greg M

Active Member
May 26, 2016
36
12
8
Glasgow, Scotland
cPanel Access Level
Root Administrator
Hi there,

I am trying to figure out how I can password protect the server hostname default page.

i.e. server.domain.com (which auto forwards to -> /cgi-sys/defaultwebpage.cgi)

The reason I want to do this is because I have installed mod_pagespeed and I am trying to enable its admin GUI.

The problem I have is that for some daft reason I cannot access the /pagespeed_admin/ from a subdomain, such as cache.domain.com - for some reason it just doesn't load up, however it does load from the servers hostname - server.domain.com/pagespeed_admin/

However this would allow anyone who discovers the link to interact with this GUI which is not very secure. I am aware I could restrict it to my IP but I I'd need to access it from various locations, some of which are dynamic IPs

So my hopeful resolution is to password protect server.domain.com.


Is there a way to do this?

Thanks
 

Greg M

Active Member
May 26, 2016
36
12
8
Glasgow, Scotland
cPanel Access Level
Root Administrator
Hi Michael, thanks for the reply.

Just to clarify, I am looking to do this for the root hostname of the server / main IP address.

I believe the correct directory is /var/www/html/ (checked this by editing the main html page that calls the default system cgi page) however when adding an htaccess file it doesn't seem to have an effect?

Thanks
 

Greg M

Active Member
May 26, 2016
36
12
8
Glasgow, Scotland
cPanel Access Level
Root Administrator
I actually managed to work it out,

I had to add

Code:
<Directory "/var/www/html/">
  Options Indexes FollowSymLinks MultiViews
  AllowOverride AuthConfig
  Order allow,deny
  Allow from all
</Directory>
to the Pre main include - I was avoiding updating httpd.conf direct.

Seems to be working great now



EDIT: IF anyone is attempting this, I had to put my passwd file within the /var/www/.passwds/ directory and set the folder to 755 permissions otherwise the file was unreadable by apache
 
Last edited:

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter
Hello,

Keep in mind you may want to upload your custom script to a subdirectory within "/var/www/html/" and apply the workaround to the specific subdirectory (e.g. /var/www/html/directory-name). Otherwise, access attempts to the other templates (e.g. suspended page, error documents) will require authentication.

Thank you.
 

Greg M

Active Member
May 26, 2016
36
12
8
Glasgow, Scotland
cPanel Access Level
Root Administrator
Hi Michael,


Thank you for the response, because I am using mod_pagespeed there is no actual physical directory created (that I can find) which is why I am having to protect the root level.

However in terms of what you were saying I suspended an unused account and accessed it via private tab in different browser and it did not require any authentication for the suspended page so I don't think I will have any issues?
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter
However in terms of what you were saying I suspended an unused account and accessed it via private tab in different browser and it did not require any authentication for the suspended page so I don't think I will have any issues?
In that case, no further steps should be required.

Thank you.
 

Greg M

Active Member
May 26, 2016
36
12
8
Glasgow, Scotland
cPanel Access Level
Root Administrator
Hi Michael,

Turned out that this did indeed cause an issue,

Code:
server lfd[1410]: STATS: Unable to retrieve Apache Server Status [http://127.0.0.1/whm-server-status?auto] - Unable to download: Unauthorized
Turns out creating a /pagespeed_global_admin/ directory in the apache root and password protecting that works even though pagespeed doesnt physically reside there. I had originally though this would have caused an issue but that seems to be the full solution !
 
  • Like
Reactions: cPanelMichael