• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question User Registration and Authentication

F

fayer

New Pleskian
Server operating system version
Ubuntu 20.04
Plesk version and microupdate number
not visible in my version : O
Hello im quite inexperienced with this so i hope my question makes sense ,

i am building a website using plesk and php and need a user management page where it is possible for a admin to create new user or new admins directly from the website. Currently, authentication is implemented using HTTP Basic Authentication with an .htpasswd file. However, my client would like to transition to a solution where user and admin accounts can be stored in a database table and managed (added, deleted, etc.) through a PHP page on the website. Normally i would just download the sw-nginx-module-auth-pam module but this didnt work in this application as i cannot find a compatible module, i even tryed to recompile manually nginx with the module source code but couldnt reach a result where it works , am i missing a easier solution to my problem?is it all possible to do this ?

atm im considering to move everything on a bare metal solution im familiar with but that would be a great amount of effort

any help is greatly appreciated
 
I suspect that using basic authentication with a database backend in nginx might require you to (re)compile nginx with additional modules. There is an old thread outlining how you can compile and use nginx with additional modules. Alternatively you could write a script that reads and writes users to your .htpasswd file. You don't necessarily need a database to mange user authentication. (I think this PHP class can help you accomplish this).

However, if you don't object to using Apache instead, the mod_authn_dbd module is enabled by default on Plesk. You only need to add the example configuration below to the Additional Apache directives of the domain (and create a database, with a user table and database user of course).

Apache config: 
DBDriver mysql
DBDParams "host=localhost dbname=<name of database> user=<name of database user> pass=<database user password>"

DBDMin  4
DBDKeep 8
DBDMax  20
DBDExptime 300

<Directory /var/www/vhosts/example.com/httpdocs>
AuthType Basic
AuthName "Registered User"

AuthDBDUserPWQuery "SELECT password FROM `users` WHERE `user` = %s"
</Directory>

Another option, since you mentioned using PHP, could be to use an PHP framework, like Laravel for example, and manage to whole authentication/login process trough the framework.
 
Kaspar said:
I suspect that using basic authentication with a database backend in nginx might require you to (re)compile nginx with additional modules. There is an old thread outlining how you can compile and use nginx with additional modules. Alternatively you could write a script that reads and writes users to your .htpasswd file. You don't necessarily need a database to mange user authentication. (I think this PHP class can help you accomplish this).

However, if you don't object to using Apache instead, the mod_authn_dbd module is enabled by default on Plesk. You only need to add the example configuration below to the Additional Apache directives of the domain (and create a database, with a user table and database user of course).

Apache config: 
DBDriver mysql
DBDParams "host=localhost dbname=<name of database> user=<name of database user> pass=<database user password>"

DBDMin  4
DBDKeep 8
DBDMax  20
DBDExptime 300

<Directory /var/www/vhosts/example.com/httpdocs>
AuthType Basic
AuthName "Registered User"

AuthDBDUserPWQuery "SELECT password FROM `users` WHERE `user` = %s"
</Directory>

Another option, since you mentioned using PHP, could be to use an PHP framework, like Laravel for example, and manage to whole authentication/login process trough the framework.
Click to expand...
thank you , the classes for writing in the htpasswd where very useful and using groups with basic auth solved all my problems : )
 
You must log in or register to reply here.

Similar threads

C
Question Scripting access to restricted directories through user email registration
Replies
1
Views
615
Martin Dias
Martin Dias
flederwiesel
Question `SSLVerifyClient require` -> AH10158: cannot perform post-handshake authentication
Replies
0
Views
666
flederwiesel
flederwiesel
Linulex
Question How do i change the permissions of the user with role owner?
Replies
2
Views
712
Linulex
Linulex
P
Forwarded to devs Event 'CP User Login' triggered despite invalid additional authentication step (MFA)
Replies
2
Views
1K
Kaspar@Plesk
Kaspar@Plesk
Y
Question Issue Implementing Dynamic CORS Headers in Plesk’s Additional NGINX Directives
Replies
1
Views
321
yfain
Y
Back
Top