I have a couple of static pages that I want to restrict access to.
I don’t want to manage another set of usernames & passwds, so I’d like apache2 to authenticate off the standard users on my system, via PAM.
To get this to work, you need to install and configure mod_auth_pam and mod_auth_shadow
aptitude install libapache2-mod-auth-pam libapache2-mod-auth-shadow
Ensure the www-data user is part of the shadow group, so apache2 can read the passwords
usermod -G shadow www-data
And set up the relevent virtual host:
AuthPAM_Enabled On AuthShadow on AuthPAM_FallThrough Off AuthBasicAuthoritative Off AuthType Basic AuthName "Restricted to group: sysadmins" AuthUserFile /dev/null Require group sysadmins
Restart apache, and you’re done!