Sigh. OK, I've got all the IP/router stuff done. Kewl. Now to give it some password security! First thing I tried was the security settings within Zoneminder. Looked good, got to where login was needed for user "admin" on a password I set, cool, except couldn't see any images anymore - local or remote. Checked the security restrictions on user "admin", it's supposed to have all possible rights per the ZM management screens. WTF? Turn off login security in ZM and sure enough, I can see my cameras again. God. Dammit. Well by now I'm convinced that ZM is buggier than an ant farm anyways, so to heck with it, this thing is running Apache, I oughta be able to control it there, right? Heh. I ask about it on TFUG and Matt was kind enough to provide a link to a decent-looking tutorial on Apache security: On Fri, Jul 3, 2009 at 4:57 PM, Matt Jacob wrote: > If you're running Apache as your web server, it's fairly trivial to > set up HTTP Basic Authentication: > > http://httpd.apache.org/docs/2.2/howto/auth.html > > Matt Ehhhh...it ain't working. Hmmmm. So let's go over what I did, see if I blew it? (Given I've never run the back-end to a website EVER, not unlikely...) OK, here's exactly what I did: 1) I figured out where my web-stuff was sitting (including index.html): /var/www 2) I put a file there name of .htaccess containing: --- AuthType Basic AuthName "Restricted Files" # (Following line optional) AuthBasicProvider file AuthUserFile /usr/local/apache/passwd/passwords Require user zmuser --- 3) I made sure the directory /usr/local/apache/passwd/passwords existed with everybody-can-read-it permissions (only root can write). 4) I ran the command: sudo htpasswd -c /usr/local/apache/passwd/passwords zmuser ...and gave it a password DIFFERENT from the user login password (user is logging into XUbuntu as zmuser and passwords are NOT default). And...shouldn't that have done it? Yet it acts like there's still no security at all. There's directories under /var/www that contain data being served - should I copy that .htaccess file down into them? Note that I don't need separate user access levels for multiple users...there's just the shop owner going to use this. Thanks! Jim --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss