NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

ZapMePlease's avatar
ZapMePlease
Aspirant
Jun 10, 2016

Is it safe to upgrade Apache?

I have an older ReadyNAS NV+.  I'm trying to move my personal web server onto it.

 

I've got the service running and it all works fine but I'm trying to password protect some pages.

 

SO... I've made all the necessary changes to my httpd.conf file but page loads in the protected directory fail with a 500 Internal Server error anytime the .htaccess file loads.  Rewrites etc. work within .htaccess but as soon as I add the AuthUserFile directive it fails.

 

The error log shows the following error 

 

Apache .htaccess: Invalid command ‘AuthUserFile’, perhaps misspelled or defined by a module not included in the server configuration

 

This error indicates that I'm missing mod_authn_file.so at load time.

 

So... I edited the httpd.conf file and sure enough that module is not loading.  I would just add it at load time but the module is missing.  I've done a find / -name for the module but it's nowhere on the drive.

 

The version of Apache running on my ReadyNAS is 2.2.6 - so it's quite old.  

 

My question(s) is (are)

 

1 - is there a way to force Apache to grab the missing module from the repository

2 - is it safe for me to upgrade the version of Apache running on the ReadyNAS or do I risk losing FrontView

3 - if it's safe to upgrade what would the preferred method be?

 

Thanks in advance for any help.

 

mark

 

 

6 Replies

  • Retired_Member's avatar
    Retired_Member

    ZapMePlease wrote:

     

    2 - is it safe for me to upgrade the version of Apache running on the ReadyNAS or do I risk losing FrontView 


    If you upgrade Apache, there is always a chance you lose FrontView.

    I would advise you to at least take a full backup of your data and configuration before starting messing with Apache.

    If you do try to upgrade Apache, you should at least remain in the same 2.2 branch, to avoid hitting removed or changed configuration directives.

     

    What exactly can't you do with the current capabilities of the ReadyNAS? As far as I remember (not every day that SPARC 4.1 comes up), you can already restrict access to shares via HTTP to some users, no?

    • StephenB's avatar
      StephenB
      Guru - Experienced User

      jak0lantash wrote:

       

      What exactly can't you do with the current capabilities of the ReadyNAS? 


      He's installing his personal website and is having trouble with password protection of that site.

  • Retired_Member's avatar
    Retired_Member
    I understood that bit, but that's possible on OS4.2, natively. I'm accessing a share via HTTP and need to enter username & password.
    It's not possible on OS4.1?
    I'll habe to double check that as I don't remember.
    • StephenB's avatar
      StephenB
      Guru - Experienced User

      jak0lantash wrote:
      I understood that bit, but that's possible on OS4.2, natively. I'm accessing a share via HTTP and need to enter username & password.
      It's not possible on OS4.1?


      Yes, OS 4.1 also works that way.  http://nasname/sharename will give you a user/password prompt.

      • ZapMePlease's avatar
        ZapMePlease
        Aspirant

        Sorry - didn't respond to all.

         

        Yes - the OS will require a username/password but you can't set the folder security independently past th at  - it's all on the parent folder and propagates throughout the tree.  I want to leave the parent folder open.

         

        The other option which I'm considering is just do all the authentication with php.  That would look prettier but is a lot more work.  Especially since I'm having a bear of a time connecting to the mysql database on the readynas - I've been getting buffaloed at login.  I can do it internal to the ReadyNAS but not from externally even though I've bound the listening port to the IP of the NAS.  

         

        This unit was just never intended to be used this way, I think.

         

        mark

         

  • Coming from my commecial webhost what I'm accustomed to doing is simply setting up .htaccess in the protected folder that references AuthUserFile in a folder outside the web structure.  It's actually encrypted so it wouldn't matter anyways but oh well.

     

    My web page is basically just my own links and useless crap but I also have links to my home automation system that use a transparent proxy allowing me to control lighting, security system, temperature, etc.  I want to keep that stuff behind a password wall while leaving the rest of the site open to the web.

     

    .htaccess is simple but it just won't run on my ReadyNAS because of the missing module (maybe more missing modules too - I'm not sure what would break next).  

     

    The recommendation to stay within the 2.2 release is a good one.  I'm just scared to death to screw with the readynas through SSH.  I already lost frontview once through some changes to httpd.conf and it took me a while to sort through what I'd done.  

     

    Perhaps it's time to upgrade to a newer model.  The processor on this SPARC based machine is awfully slow.

     

    Any idea if there's a way to install a single module for apache without doing a full upgrade?

     

    mark

     

     

     

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More