User Authentication by Site or Subdirectory
Authentication is the process of confirming a user’s identity, and it provides a way to ensure that only legitimate users create content on your site. Authentication is set up through OpenLiteSpeed’s WebAdmin Console and may be applied to the whole site (
"/"), or only a subdirectory (
/protected/, for example).
OLS WebAdmin runs as
lsadm:lsadm. It doesn’t have permission to access your
$VH_ROOT. The recommended realm password file location is at
$SERVER_ROOT/conf/vhosts/$VH_NAME/htpasswd, and realm group file location is at
You may wish to manually create the
htpasswd file through the command line via the
htpasswd command, but you will need to make sure that the file is readable by
lsadm and the user that runs the web server, usually
nobody. Without read access, it may not work.
Add or Edit Authorization Realms Database
If you don’t have an Authorization Realms database, you need to create one. Within OLS WebAdmin, navigate to Virtual Host Configuration > Security > Realm List. Click + to add a new one, or click the Edit icon to edit an existing one.
Set User DB Location to
$SERVER_ROOT/conf/vhosts/$VH_NAME/htpasswd and Group DB Location to
$SERVER_ROOT/conf/vhosts/$VH_NAME/htgroup. If either of the files don’t exist, you will need to click CLICK TO CREATE.
You should see
/usr/local/lsws/conf/vhosts/Example/htpasswd has been created successfully.
/usr/local/lsws/conf/vhosts/Example/htgroup has been created successfully.
if all goes well.
Click the Save button.
Create an Authorized User
Hover over User DB Location and click the file path.
This will bring you to the user and password setup screen, where you can click + to add a user and password.
Set User Name as desired. In this example, we used
test. Set New Password to whatever you wish (again, we used
test), and verify the password in the Retype Password field.
Add Access Required by Context
Depending on whether you want to apply the authentication to the whole site or to just a subdirectory, you will either edit/create the
/ context or edit/create a subdirectory context (for example, a
/protected/ context for the site’s
In the following example, we will show you how to apply the authentication realm to the /protected/ subdirectory.
Click + to add a
/protected/ static context if it doesn’t exist, or click the Edit icon, it if already does.
Set the following values:
– Realm: Select the realm you created/edited in the previous steps.
– Authentication Name: Give it any name you like.
– Require (Authorized Users/Groups): You can leave this blank, and it will pick up any user or group defined in the password file. Or, you can specify particular user(s) to have access to this context.
– Access Allowed