Since upgrading/updating my OS X Server to 5 (now on 5.0.4) my website configuration is off. I have managed to get my website working again, the only thing that is wonky is the password protection.
My issue in TLDR: When my site is password protected using the OS X Server functionality, it requires a password for every single image and file on the site. Previously entering the password once was enough to access the entire site. I want that again.
My site is in the default folder. I want it to be entirely password protected through Apache itself (not something I build/implement).
Through OS X Server, settings for the default site (no SSL) I have set Who Can Access to "A Specific Group" and the group to my only configured group. When I access the site, it ask for the password, but asks for it for every single file (with the message that my password was incorrect).
The only change in the .conf file I can see is the addition of rewrite rules. Removing them does not seem to solve my issue.
How can I configure my site using OS X Server or the Apache .conf file to ask for my password only once when entering the site and then use it for my entire session?
For extra information, the password works the same whether accessing locally through the IP or over the web (IP or URL). OS X Server always says my site is not accessible over the internet, even though it is.
My configuration file:
<VirtualHost 127.0.0.1:34580>
ServerAdmin [email protected]
DocumentRoot "/Library/Server/Web/Data/Sites/Default"
DirectoryIndex index.html index.php default.html
CustomLog "/var/log/apache2/access_log" combinedvhost env=!forwarded
CustomLog "/var/log/apache2/access_log" combinedvhostproxy env=forwarded
ErrorLog "/var/log/apache2/error_log"
<IfModule mod_ssl.c>
SSLEngine Off
SSLCipherSuite "ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM"
SSLProtocol -ALL +TLSv1
SSLProxyEngine On
SSLProxyProtocol -ALL +TLSv1
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
</IfModule>
<Directory "/Library/Server/Web/Data/Sites/Default">
Options All -Indexes -ExecCGI -Includes +MultiViews
AllowOverride None
<IfModule mod_dav.c>
DAV Off
</IfModule>
<IfDefine !WEBSERVICE_ON>
Require all denied
ErrorDocument 403 /customerror/websitesoff403.html
</IfDefine>
RewriteEngine on
RewriteCond %{HTTP:X-FORWARDED-FOR} !^$
RewriteCond %{REQUEST_METHOD} !^(PROPFIND|OPTIONS)$
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^(.*)([^/])$ %{HTTP:X-FORWARDED-PROTO}://%{SERVER_NAME}/$1$2/ [R=301,L,NC]
AuthType Digest
AuthName "Realm ID 05011761"
<Limit PUT DELETE PROPPATCH PROPFIND MKCOL COPY MOVE LOCK UNLOCK>
Require no-user
</Limit>
<Limit GET HEAD OPTIONS CONNECT POST>
Require group familieraap
</Limit>
<IfDefine !WEBSERVICE_ON>
Require all denied
ErrorDocument 403 /customerror/websitesoff403.html
</IfDefine>
</Directory>
ServerAlias my.sitealias.nl
try to change this:
AuthType Digest to AuthType Basic