Comments (2)
This means a configuration error of some sort, you end up with a recursive redirect. Please verify it and if needed, simplify. You can start with the most basic config using the examples and go from there.
from apache_2fa.
Well, I managed to make it work under Debian 9 with ispconfig3. I did the following steps:
$ sudo python3 -m pip install onetimepass
$ cd /var/www/mydomain.com/web
$ git clone https://github.com/itemir/apache_2fa
$ mkdir apache_2fa/state
$ sudo chown -R ispconfig_user:ispconfig_group apache_2fa
$ cd apache_2fa
$ sudo chmod 750 state
$ sudo chmod 640 tokens.json
and then changed the apache directives using the following settings:
# path to protected directory --> /var/www/mydomain.com/web/public_html
# path to apache_2fa --> /var/www/mydomain.com/web/apache_2fa
DocumentRoot /var/www/mydomain.com/web/public_html
ScriptAlias /auth/ /var/www/mydomain.com/web/apache_2fa/
<Directory /var/www/mydomain.com/web/apache_2fa>
Options +ExecCGI
<FilesMatch "^[^\.]+$">
SetHandler cgi-script
</FilesMatch>
AuthType Digest
AuthName "mydomain.com"
AuthDigestDomain /
AuthDigestProvider file
AuthUserFile /var/www/mydomain.com/web/apache_2fa/apache_credentials
Require valid-user
</Directory>
<Directory /var/www/mydomain.com/web/public_html>
RewriteCond %{REQUEST_URI} !^/auth/
RewriteCond %{HTTP_COOKIE} !^.*2FA_Auth=([a-zA-Z0-9]+)
RewriteRule ^(.*)$ /auth/auth?%{REQUEST_URI} [L,R=302]
RewriteCond %{REQUEST_URI} !^/auth/
RewriteCond %{HTTP_COOKIE} ^.*2FA_Auth=([a-zA-Z0-9]+)
RewriteCond /var/www/mydomain.com/web/apache_2fa/state/%1 !-f
RewriteRule ^(.*)$ /auth/auth?%{REQUEST_URI} [L,R=302]
AuthType Digest
AuthName "mydomain.com"
AuthDigestDomain /
AuthDigestProvider file
AuthUserFile /var/www/mydomain.com/web/apache_2fa/apache_credentials
Require valid-user
</Directory>
from apache_2fa.
Related Issues (20)
- proxypass after 2fa HOT 10
- Instructions should specify pip3, perhaps
- 500 Internal Server Error - No Module Named 'onetimepass' HOT 3
- Question -Bypassing Authentication For A Given IP Range HOT 1
- Unable to Complete HOT 2
- Blank page with : Contact your administrator to obtain your 2FA secret. HOT 1
- apache_2fa generates different token than Google Authenticator HOT 2
- AH01790: user `user_test' in realm `home.me' not found: /auth/aut HOT 2
- Internal Server Error with LDAP HOT 8
- Secret keys HOT 2
- Use with mod_proxy?
- Destroy token? HOT 4
- AuthDigest not recommended for security reasons
- Rewrite rule applies to whole site HOT 1
- You don't have permission to access /auth/auth on this server. HOT 3
- Clean_state HOT 1
- Brute Force Attack HOT 1
- Proxy instead of Directory (Question) HOT 1
- use active directory instead of htaccess HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from apache_2fa.