Apache/MySQL Authentication and SSL Help

[nick1]

Greetings,

 

I'm hoping someone who's been down this road many times can tell me if I have my story straight.

I would like to use apache and mysql to authenticate users to an "administrator only" portion of my website.

I would also like the communications over that portion of the website to be encrypted.

This is all on a LAMP installation of the newest version of Ubuntu server.

 

I've done some research and it looks like I need the following:

 

1.) Apache/MySQL authentication : mod_auth_mysql

2.) Secure Communications : SSL

 

Is this correct?  I've read of something called mod_myauth for apache2.

What is the difference between mod_auth_mysql and mod_myauth ?

I was a little surprised of the lack of documentation on setting up mod_auth_mysql.

Can you recommend some thorough tutorials on these subjects?

 

Any other advice from the battlefield would be greatly appreciated.

Thank you for your time,

 

*Nick*

[steviewdr]

Well, without me going googling, Id say that mod_auth_mysql is to allow Apache auth of MySQL for htaccess auth. So instead of generating a manual .htpasswd file to store users and passwords, you use a MySQL database.

 

I am not sure what mod_myauth is.

 

A simple .htaccess and .htpasswd would suffice for you IMO.

 

At the command promt type in:

htpasswd and see what it gives you.

 

SSL is simple. You need to configure apache to "Listen 443" and to provide a self generated SSL cert.

 

Take a look at how I done it using Debian (very same as for ubuntu):

http://wiki.kartbuilding.net/index.php/Apache_2_%26_SSL_-_PHP4_-_MySQL_4.1

 

-steve