• Hi, Pleskians! We are running a UX testing of our upcoming product intended for server management and monitoring.
    We would like to invite you to have a call with us and have some fun checking our prototype. The agenda is pretty simple - we bring new design and some scenarios that you need to walk through and succeed. We will be watching and taking insights for further development of the design.
    If you would like to participate, please use this link to book a meeting. We will sent the link to the clickable prototype at the meeting.
  • (Plesk for Windows):
    MySQL Connector/ODBC 3.51, 5.1, and 5.3 are no longer shipped with Plesk because they have reached end of life. MariaDB Connector/ODBC 64-bit 3.2.4 is now used instead.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Question User Registration and Authentication

F

fayer

New Pleskian
Server operating system version
Ubuntu 20.04
Plesk version and microupdate number
not visible in my version : O
Hello im quite inexperienced with this so i hope my question makes sense ,

i am building a website using plesk and php and need a user management page where it is possible for a admin to create new user or new admins directly from the website. Currently, authentication is implemented using HTTP Basic Authentication with an .htpasswd file. However, my client would like to transition to a solution where user and admin accounts can be stored in a database table and managed (added, deleted, etc.) through a PHP page on the website. Normally i would just download the sw-nginx-module-auth-pam module but this didnt work in this application as i cannot find a compatible module, i even tryed to recompile manually nginx with the module source code but couldnt reach a result where it works , am i missing a easier solution to my problem?is it all possible to do this ?

atm im considering to move everything on a bare metal solution im familiar with but that would be a great amount of effort

any help is greatly appreciated
 
I suspect that using basic authentication with a database backend in nginx might require you to (re)compile nginx with additional modules. There is an old thread outlining how you can compile and use nginx with additional modules. Alternatively you could write a script that reads and writes users to your .htpasswd file. You don't necessarily need a database to mange user authentication. (I think this PHP class can help you accomplish this).

However, if you don't object to using Apache instead, the mod_authn_dbd module is enabled by default on Plesk. You only need to add the example configuration below to the Additional Apache directives of the domain (and create a database, with a user table and database user of course).

Apache config: 
DBDriver mysql
DBDParams "host=localhost dbname=<name of database> user=<name of database user> pass=<database user password>"

DBDMin  4
DBDKeep 8
DBDMax  20
DBDExptime 300

<Directory /var/www/vhosts/example.com/httpdocs>
AuthType Basic
AuthName "Registered User"

AuthDBDUserPWQuery "SELECT password FROM `users` WHERE `user` = %s"
</Directory>

Another option, since you mentioned using PHP, could be to use an PHP framework, like Laravel for example, and manage to whole authentication/login process trough the framework.
 
Kaspar said:
I suspect that using basic authentication with a database backend in nginx might require you to (re)compile nginx with additional modules. There is an old thread outlining how you can compile and use nginx with additional modules. Alternatively you could write a script that reads and writes users to your .htpasswd file. You don't necessarily need a database to mange user authentication. (I think this PHP class can help you accomplish this).

However, if you don't object to using Apache instead, the mod_authn_dbd module is enabled by default on Plesk. You only need to add the example configuration below to the Additional Apache directives of the domain (and create a database, with a user table and database user of course).

Apache config: 
DBDriver mysql
DBDParams "host=localhost dbname=<name of database> user=<name of database user> pass=<database user password>"

DBDMin  4
DBDKeep 8
DBDMax  20
DBDExptime 300

<Directory /var/www/vhosts/example.com/httpdocs>
AuthType Basic
AuthName "Registered User"

AuthDBDUserPWQuery "SELECT password FROM `users` WHERE `user` = %s"
</Directory>

Another option, since you mentioned using PHP, could be to use an PHP framework, like Laravel for example, and manage to whole authentication/login process trough the framework.
Click to expand...
thank you , the classes for writing in the htpasswd where very useful and using groups with basic auth solved all my problems : )
 
You must log in or register to reply here.

Similar threads

C
Question Scripting access to restricted directories through user email registration
Replies
1
Views
526
Martin Dias
Martin Dias
flederwiesel
Question `SSLVerifyClient require` -> AH10158: cannot perform post-handshake authentication
Replies
0
Views
454
flederwiesel
flederwiesel
Linulex
Question How do i change the permissions of the user with role owner?
Replies
2
Views
609
Linulex
Linulex
P
Forwarded to devs Event 'CP User Login' triggered despite invalid additional authentication step (MFA)
Replies
2
Views
992
Kaspar@Plesk
Kaspar@Plesk
Merlin1220
Question different port for Wordpress backend
Replies
0
Views
555
Merlin1220
Merlin1220
Back
Top