[KLUG Members] Apache LocationMatch question

[Adam bultman]

Phillip Hofmeister wrote:

> Adam bultman wrote:
>
>>Has anybody had experience using LocationMatch in apache?
>>
>>I'm trying to selectively lock down Apache for awstats. I wish to have
>>awstats.pl be available for customers to use, but I don't want them to
>>be able to see each other's configurations.
>>
>>I've got something like this:
>>
>><LocationMatch "/awstats/awstats.pl?config=myconfig">
>>    AuthName "Stats"
>>    AuthType Basic
>>    AuthUserFile conf/stats.users
>>    Order Allow,Deny
>>    Require valid-user
>>    Satisfy any
>></LocationMatch>
>>
>>I want to have other config= options available for each client.
>>
>>The problem is that when I surf to the page, LocationMatch either doesn'
>>match correctly (I've tried throwing in an asterisk after myconfig too)
>>or it simply doesn't work. 
>>
>>I've googled, read the manual, looked on the web for examples, but I
>>can't get it to work .
>>
>>Anybody had this or tried this?
>>  
>>
> Part of AWStats configuration is to allow only certain HTTP User's to
> access that config file.
>
> Here's what I do:
>
>    1. Maintain a seperate config file for each client
>    2. Maintain a seperate apache log file for each client
>    3. Make awstats available via Basic HTTP Authication Only
>    4. Tweak each fonfig file to allow only the desired HTTP Auth
>       user's to access it.
>
> Let me know if you have any more specific questions.
>
Thanks.  I already do 1-3. 
After looking through the awstats config file with a fine toothed comb,
I did see that - and have turned that on.

My problem with #4 is that I currently have 72 domains to run stats for.
In order to make sure that new domains get added without my intevention,
I've written a script that checks for all domains from the mysql
reporting database, and regenerates the configuration files each night. 
This again, makes sure I have config files for ALL domains, that none
get left behind, that I don't need to manage configuration files by hand
as I add new sites, and most importantly, it allows me to make changes
to ALL configuration files without hand-editing 72 config files or
running sed on all the configuration files. 

I've edited the "model" configuration script that my generation script
uses to include a list of default users, as well as a user for each
domain (the domain name).  My problem here is when a user logs in - say,
as www.glaven.org - and then goes to another site for them, say
www.glavenstore.com, they cannot access the different stats site without
closing IE or firefox,  re-opening, and then logging in as the new user.   

The bonus of LocationMatch is that I could make a locationmatch, and
have a a master user for each customer instead of a specific one. 
However, even with more searching it seems like I might be out of luck.

Thanks anyway.