You can support us by downloading this article as PDF from the Link below. Download the guide as PDF

Introduction

You can beef up the of your Apache Web server by enabling authentication against LDAP. This works in case you would wish users to authenticate themselves before peering into what the server hosts.

This guide illustrates how you can force users to authenticate themselves against PAM or LDAP. We assume that you already have LDAP installed and users already existing. If not, the following guides will help you set up LDAP quickly.

Install and configure OpenLDAP & phpLDAPadmin on Ubuntu 18.04 LTS

How to Install and configure OpenLDAP Server on Ubuntu 18.04 LTS

How To Install and Configure OpenLDAP Server on Debian 10 (Buster)

To get the results that we desire, let us go on to the following steps.

Step 1: Install Apache if not installed already

This step assumes you do not have Apache already installed. We shall use it as our example and test authentication. Fire up your terminal and issue the command below

sudo dnf install httpd -y

Step 2: Install mod_ldap

mod_ldap will be used by Apache to authenticate against LDAP. Install it as below

sudo dnf install mod_ldap

Step 3: Create a sample Test page

To test if our LDAP authentication works, let us create a simple HTML file and protect it with LDAP authentication.

sudo vim /etc/httpd/conf.d/ldap.conf

Create your configuration like below.

<Directory /var/www/html/ldap>
     AuthName "LDAP Authentication"
     AuthType Basic
     AuthBasicProvider ldap
     AuthLDAPURL ldap://192.168.250.229/dc=computingforgeeks,dc=com?uid?sub?(objectClass=*)
     Require ldap-filter objectClass=posixAccount
</Directory> 

Reference: HTTPD Authentication and Authorization

Step 4: Create the root directory of the page

Since the root directory is on a new folder, let us create it and add our simple web page inside

sudo mkdir /var/www/html/auth-ldap

Add the webpage

sudo vim /var/www/html/ldap/index.html
<html>
<body>
<div style="width: 100%; font-size: 50px; font-weight: bold; text-align: center;">
This page confirms that LDAP Authentication works
</div>
</body>
</html>

Change permissions

Since the page will be loaded by apache, change the file added to belong to apache

sudo chown -R apache:apache /var/www/html/ldap

Step 5: Restart Apache

Apache needs to be restarted every time core configuration changes have taken place. Let us restart httpd daemon

sudo systemctl restart httpd

Step 6: Test if it works

Load your favorite browser and enter the URL that the page is to be loaded on. For me it is

http://example.com or IP/ldap

The page loads and asks for credentials. Enter username and password that exists in your LDAP server.

APACHE auth

And the page loads

APACHE auth logged in

Wrapping up

LDAP adds a layer of security to your web page in case you would wish only authorized users to use the service you are offering. This can be such a convenient way especially if you already have LDAP running within your set-up. There is no hassle involved in creating fresh credentials and that if efficiency.

Thank you for visiting and going through materials on the blog. Other interesting guides are listed below for you.

How To remove Apache welcome/test page on CentOS 7/8

Install Varnish Cache 6 for Apache/Nginx on CentOS 7

How To Install phpMyAdmin with Apache on Debian 10 (Buster)

Install Apache with mod_ssl & mod_http2 on CentOS 8 / RHEL 8

As an appreciation for the content we put out,
we would be thrilled if you support us!


As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online.

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee.

LEAVE A REPLY

Please enter your comment!
Please enter your name here