![]() ![]() Server.modules += ( "mod_auth", "mod_authn_file" )Ī = "/etc/lighttpd/er" Modify /etc/lighttpd/nf adding the following lines to enable the directory protection: # echo "$user:$realm:$hash" > /etc/lighttpd/er $ hash=`echo -n "$user:$realm:$password" | md5sum | cut -b -32` The setup requires a specific format and md5sum hashed password but users can quickly and easily create an entry using the following as an example: A passwd file which is lighttpd's equivalent to the system's /etc/passwd is needed for user authentication. Note that this module requires mariadb-libs to be installed. To redirect all hosts for part of the site (e.g. To redirect all hosts to their secure equivalents, use the following in place of the socket 80 configuration above: You should add "mod_redirect" in server.modules array in /etc/lighttpd/nf: ![]() See bootstrap Let's Encrypt in the lighttpd documentation for details. Ssl.pemfile = "/etc/letsencrypt/live/ domain/fullchain.pem" Ssl.privkey = "/etc/letsencrypt/live/ domain/privkey.pem" See lighttpd TLS configuration for details.Īlternatively, generate a certificate signed by Let's Encrypt.Įdit /etc/lighttpd/nf by adding the following lines: Ssl.pemfile = "/etc/lighttpd/certs/server.pem" Modify /etc/lighttpd/nf adding the following lines to enable https: # chmod 600 /etc/lighttpd/certs/server.pem # openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -sha256 -keyout /etc/lighttpd/certs/server.pem -out /etc/lighttpd/certs/server.pem Self-signed SSL Certificates can be generated assuming openssl is installed on the system as follows: After setting up SSL, you can use Qualys SSL Labs SSL Server Check to check your configuration.Mozilla has an SSL configuration generator that can be used with lighttpd.To enable the access log, edit /etc/lighttpd/nf as follows:Īccesslog.filename = "/var/log/lighttpd/access.log" The error log is enabled by default (controlled by the server.errorlog option). Lighttpd can write out both errors and access to log files. Then start/enable the rvice and point your browser to localhost, where you should see the test page.Įxample configuration files are available in /usr/share/doc/lighttpd/. To test the installation, create a dummy file: The default configuration file specifies /srv/http/ as the document directory served. $ lighttpd -t -f /etc/lighttpd/nfĪ more thorough preflight check is also available: To check your nf for bugs you can use this command (helps finding misconfigurations very quickly): By default it should produce a working test page. The lighttpd configuration file is: /etc/lighttpd/nf. Its advanced feature-set ( FastCGI, CGI, Auth, Output-Compression, URL-Rewriting and many more) make lighttpd the perfect webserver-software for every server that suffers load problems." It has a very low memory footprint compared to other webservers and takes care of cpu-load. ![]() Lighttpd is "a secure, fast, compliant, and very flexible web server that has been optimized for high-performance environments. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |