I have a lighttpd server that I want to serve some files from. Unfortunately the server is currently set up to require password authentication and I want these files to be available publicly.
How can I make it so that files in a particular subdirectory do not require a password?
As a further complication, most of the stuff in the config file was set up by other admins so I'm trying to be very careful to not break any existing security settings.
# config stuff that I am hesitant to change
ssl.engine = "enable"
ssl.pemfile = "/etc/lighttpd/ssl/foo.pem"
ssl.ca-file = "/etc/pki/tls/certs/foo.cert"
auth.backend = "htdigest"
auth.backend.htdigest.userfile = "/etc/lighttpd/.passwd"
auth.debug = 2
$HTTP["url"] !~ "^(/portal/.*|/js/.*|/css/.*|/icons/.*|/favicon\.ico)" {
auth.require = (
"/" =>(
"method" => "digest",
"realm" => "Authorized users only",
"require" => "valid-user"
)
)
}
$HTTP["url"] =~ "^/portal" {
auth.require = (
"/portal" => (
"method" => "digest",
"realm" => "portal users",
"require" => "valid-user"
)
)
url.redirect = ( "" => "/portal/")
}
$HTTP["remoteip"] !~ "1.2.3.4|5.6.7.8" {
url.access-deny = ( "" )
}
# new directory that I want to make public
$HTTP["url"] =~ "^/public($|/)" {
dir-listing.activate = "enable"
}
I tried adding /public/* to the regexp for the first $HTTP["url"] !~ block, but that didn't work. I also tried disabling ssl.engine inside the block that matches /public($|/), but that didn't work either.
Best Answer
This setup works for me great for me, as already said in the comments: