Hi all

Could do with some help if anybody knows about this stuff :-

Our TAC1 members area is now too big to fit on the one server so I need to spill over onto a second box.

Problem is you cant share an htpasswd file across 2 servers so to authenticate users on both systems, I need to replace the htpasswd file with a SQL database which is not a problem in itself

However, I have no idea what the htaccess file should look like in order to query the SQL database as opposed to an htpasswd file

I know it can be done as ive seen some stuff on apache.org

Has anybody else had to do this and if so, would appreciate any pointers

Thanks

Its too big in what way? There is no limit to the amount of disk space you can put behind a box though obviously if its processing power then thats a seperate issue.

Is it not possible to replicate the htpasswd file to the second server so you modify / update it on the first server and then on saving it is replicated to the second server? Adding a database seems overkill just to do this......

Your .htaccess will look something like this:

AuthType Basic
AuthName "Members Only Page"

Auth_MYSQLhost localhost
Auth_MYSQLusername root
Auth_MYSQLpassword password
Auth_MYSQLdatabase dbname
Auth_MYSQLpwd_table passwordtable
Auth_MYSQLuid_field usernamefield
Auth_MYSQLpwd_field passwordfield
Auth_MYSQL_EncryptedPasswords off
require valid-user

Full info at http://modauthmysql.sourceforge.net/CONFIGURE
more info at http://www.google.co.uk/search?hl=enq=htaccess+%22Auth+MySQL%22+apache

cann you not simply add a new harddrive or replace the harddrive?

I thought you could.

Not sure what password protection script that you use but i know strongbox allows you to authenticate against a mysql database.

The modauthmysql solution that thatman suggested will also do the trick :)

Its not only storage that we have run out of (the server is already maxed out on disk space) but also the htpasswd file itself is getting too big.

Each time somebody clicks a link in the members area it has to load the whole htpasswd file and search through thousands of logons to authenticate which puts a big load on the server

Our TAC1 members area is now too big to fit on the one server so I need to spill over onto a second box.

Problem is you cant share an htpasswd file across 2 servers so to authenticate users on both systems, I need to replace the htpasswd file with a SQL database which is not a problem in itself


You don't necessarily need to do this - there's other ways of replicating the .htpasswd file, such as rsync, which is just a slightly posh way of copying it from one box to another. The issue with moving to an SQL-based access control system will be that all of your billing/password management stuff will have to be pointed at that, rather than the old .htpasswd file, and you'll have to get all the data from the old into the new.

Alternatively, as others have already said, add another hard drive. This'll deal with one other annoyance for your users, which is that they'd need to log on to both of your servers separately, albeit with the same username and password on each.

--Dave

We use 2 servers on ukwoo.com one for the site and one for the chat room & instant messenger.

They must talk to each other somehow because you would never know that the site operated from 2 servers 12,000 miles apart.


:cheers2:

mod_auth_mysql is a piece of shit you are much better off using a bit of PHP

The main problem I found with it is was when you use it will authenticate every hit so if someone pulls 20 thumbnails it authenticates each request so thats like 20 mysql queries on any busy site that will bring your mysql server to its knees fast

or maybe I set it up wrong I dunno

mod_auth_mysql is a piece of shit you are much better off using a bit of PHP

The main problem I found with it is was when you use it will authenticate every hit so if someone pulls 20 thumbnails it authenticates each request so thats like 20 mysql queries on any busy site that will bring your mysql server to its knees fast

or maybe I set it up wrong I dunno

I believe thats how it works with a standard htpasswd file aswell ie it authenticates every click by loading the whole htpasswd file each time

When Paul coms through I'll get him to have a look, he might not be any use but it's worth a shot :)

Thanks Words and everybody

Some usefull stuff coming back

I believe thats how it works with a standard htpasswd file aswell ie it authenticates every click by loading the whole htpasswd file each time

yea unless you set it up to it probably will work like that
the problem is when its mysql requests it uses more resources
and when its remote mysql requests (IE its looking up everything at another server) its even more fubar


I suggest you get a bit of PHP that does a lookup and auto include in the actual pages (referer protect the images and videos)
also maybe have a crontab running every hour to duplicate the mysql from the main server and if the PHP can't find a use in the local then have it try the remote so that new users won't be locked out

I suggest you get a bit of PHP that does a lookup and auto include in the actual pages (referer protect the images and videos)
also maybe have a crontab running every hour to duplicate the mysql from the main server and if the PHP can't find a use in the local then have it try the remote so that new users won't be locked out

Good idea but we have over 1 million pages already created and theres no way Im gonna edit all that lot

Im guessing that querying a SQL database would be a lot less of a load than loading up a flat htpasswd file with 3000 or so logins in it for every click, which is what we are doing at the moment.

Another alternative is to use mod_auth_dbm - it uses a flat file Berkley DB database (i.e. you can rsync/copy it to multiple servers)

It functions effectively the same way as a .htpasswd file except it doesn't read the entire file - the file is indexed by username

See http://httpd.apache.org/docs/1.3/mod/mod_auth_dbm.html

The other benefit of DBM files is that it is very little change for you - modify your .htaccess file to use DBM instead of .htpasswd

Whatever script you have that is currently modifying your .htpasswd file can likely be very easily modified to modify a DBM file instead

Good idea but we have over 1 million pages already created and theres no way Im gonna edit all that lot


hell no! you just add a line in the webserver config and it auto includes the PHP
at the top of every HTML page php_append=/path/to/file.php or something it is

Im guessing that querying a SQL database would be a lot less of a load than loading up a flat htpasswd file with 3000 or so logins in it for every click, which is what we are doing at the moment.

not for the webserver but for mysql probably

I dunno try it and see I am just saying what happenned when I tried to use it a few years back, also there are two modules mod_auth_mysql and mod_mysql_auth I think and one is a bigger piece of shit than the other
but they are both POS IMHO

DBM is a much better idea if you don't fancy doing some php to mysql shit

Have you got MSN, Paul can talk to you over there, says he knows how to sort it lol :)

He is webmaster@thesolarapex.com on MSN