Apache Asking for HTPassword Twice

randac56

Member
May 25, 2018
915
0
16
I have both my ruTorrent site (.../rutorrent/) and SCGIMount (.../RPC2) secured in Apache with HTPassword:

Code:
SCGIMount /RPC2 127.0.0.1:5001
<Location /RPC2>
AuthType Basic
AuthName "rTorrent secure access"
AuthBasicProvider file
AuthUserFile /var/apache/passwords
Require user blah
</Location>
<Location /rutorrent>
Options Indexes FollowSymlinks MultiViews
#AllowOverride None
Order allow,deny
allow from all
AuthType Basic
AuthName "ruTorrent"
AuthUserFile /var/apache/passwords
Require user blah
</Location>
Because of this, when I access the ruTorrent WebUI, I get two password prompts. Is there a better way to pull this off without exposing RPC2?
 

randac56

Member
May 25, 2018
915
0
16
Same thing. It asks for the rutorrent password first, since that's the URL I'm hitting, and once I'm in it asks for the RPC2 password, since that's what rutorrent communicates through.
 

peshua19

Member
May 25, 2018
897
0
16
you could put the RPC mount inside the rutorrent dir, that way it should be secured by the same password
 

randac56

Member
May 25, 2018
915
0
16
That's a good idea. Before I do this, I have a question concerning the ruTorrent config.php. I have both these lines:

Code:
$scgi_port = 5001;
$scgi_host = "127.0.0.1";
..and this line:

Code:
$XMLRPCMountPoint = "/RPC2";
I thought the point of the XMLRPCMountPoint line was to use Apache's SCGIMount feature to access the scgi socket. If ruTorrent can access the scgi socket itself anyway, wouldn't this be redundant?
 

lisas4567

Member
May 25, 2018
773
0
16
scgi is the handler
so in apaches config put your scgi mounts inside of /rutorrent
and enclose /rutorrent with auth_digest (recommended) or basic
Code:
SCGIMount /rutorrent/username 127.0.0.1:port
Code:
AuthType Digest
AuthName "ruTorrent"
AuthDigestProvider file
AuthUserFile /etc/apache2/.rutorrentpasswd
Require valid-user
Code:
$XMLRPCMountPoint = "/rutorrent/username";
 

saroos1

Member
May 25, 2018
718
0
16
scgi is the handler
so in apaches config put your scgi mounts inside of /rutorrent
and enclose /rutorrent with auth_digest (recommended) or basic
Code:
SCGIMount /rutorrent/username 127.0.0.1:port
Code:
AuthType Digest
AuthName "ruTorrent"
AuthDigestProvider file
AuthUserFile /etc/apache2/.rutorrentpasswd
Require valid-user
Code:
$XMLRPCMountPoint = "/rutorrent/username";
If I haven't wrong, I think :
Code:
$scgi_port = 5001;
$scgi_host = "127.0.0.1";rtorrent => rutorrent

AND

Code:
$XMLRPCMountPoint = "/RPC2";rutorrent => rtorrent
 

simur612

Member
May 25, 2018
879
0
16
apache is probably asking for it twice because you probably set up password protection on both /RPC2 and / with different authnames.
 

peshua19

Member
May 25, 2018
897
0
16
That's a good idea. Before I do this, I have a question concerning the ruTorrent config.php. I have both these lines:

Code:
$scgi_port = 5001;
$scgi_host = "127.0.0.1";
..and this line:

Code:
$XMLRPCMountPoint = "/RPC2";
I thought the point of the XMLRPCMountPoint line was to use Apache's SCGIMount feature to access the scgi socket. If ruTorrent can access the scgi socket itself anyway, wouldn't this be redundant?
because rutorrent uses one for one thing and one for something else.

It uses one for adding torrents and sending commands directly to rtorrent, and uses the other for reporting. Originally, before 3.0, these 2 settings were even in different config files (there was a config.js and a config.php)
 

randac56

Member
May 25, 2018
915
0
16
Awesome! Thanks for the help everyone. It's working great now, and I know a bit more about what's going on in the back-end.