In your web folder (e.g. `/share/Web` on the NAS or https://IP-OF-YOUR-NAS/web) create a file called `.htaccess` and add the line
Code: Select all
SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
Code: Select all
function require_auth() {
if(isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])){
list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':' , base64_decode(substr($_SERVER['REDIRECT_HTTP_AUTHORIZATION'], 6)));
}
header('Cache-Control: no-cache, must-revalidate, max-age=0');
$is_not_authenticated = true;
$has_supplied_credentials = !(empty($_SERVER['PHP_AUTH_USER']) && empty($_SERVER['PHP_AUTH_PW']));
if ($has_supplied_credentials) {
$result = false;
$usr = $_SERVER['PHP_AUTH_USER'];
$pwd = $_SERVER['PHP_AUTH_PW'];
$handle = popen('/usr/local/apache/bin/pwauth', 'w');
if($handle !== FALSE) {
fwrite($handle, "$usr\n$pwd\n");
$result = pclose($handle);
}
if($result === 0) { // Login OK
$is_not_authenticated = false;
}
}
if ($is_not_authenticated) {
header('HTTP/1.1 401 Authorization Required');
header('WWW-Authenticate: Basic realm="Access denied"');
exit;
}
}
Also I don't know the limitations of this method of authentication, since I don't know how `/usr/local/apache/bin/pwauth` determines if the credentials are valid.
EDIT: A recent update caused pwauth to not work anymore with the apache user (httpdusr). E.g. a test via ssh and `sudo -H -u httpdusr /usr/local/apache/bin/pwauth` failed.
As mentioned in a debian bugreport (https://bugs.debian.org/cgi-bin/bugrepo ... bug=615027) it is now working again, if you set the SUID bit using `chmod 4755 /usr/local/apache/bin/pwauth`. Not sure if this was reset during an update.