If you have a very busy server and large username/password lists stored in text files, using the MYSQL relational database can greatly increase your server's performance and simplify tasks such as adding users and looking up lost passwords.

• You must know how to compile and install the Apache Server.
• You need to know how install & administer the MYSQL server.

• MOD_AUTH_MYSQL: http://bourbon.netvision.net.il/mod_auth_mysql/
• APACHE SERVER: http://www.apache.org/httpd.html
• An extra server that isn't doing anything- or your production server and nerves of steel!

STEP 1: Unpack your Apache tar file into a directory such as /tmp/ resulting in the Apache file being located in a directory such as /tmp/apache_1.3.6 (write this on a piece of paper)

Important! Starting with Apache 1.3.14 you must:

cd src/include
ln -s ap_alloc.h alloc.h

STEP 2: Unpack your mod_auth tar file into your /tmp directory which will create something like /tmp/mod_auth_mysql_2.20

STEP 3: Assuming you have MYSQL installed already, make a note of the location of it's directory, such as /usr/local/mysql-3.22.23b-pc-linux-gnu-i686 (write this on a piece of paper). If you don't already have MYSQL installed, now would be a wonderful time to think about doing it! Also make sure your MSQL server is up and running.

If you haven't done so already, you should make a link using the ln command so you don't have to always type the full name out. As an example:

ln -s mysql-3.22.23b-pc-linux-gnu-i686 mysql

This way your path to MYSQL would just be /usr/local/mysql. Much easier!

STEP 5: Change directories to where you dumped the mod_auth_mysql files to, such as /tmp/mod_auth_mysql_2.20

STEP 6: Read the README file. The basic idea is to do this:

./configure --with-mysql=/usr/local/mysql --with-apache=/tmp/apache_1.3.6

note: the values above should be the values you wrote down during steps 1 and 3.

make

You should end up with a line telling you what to do when you configure apache, such as:

--activate-module=src/modules/auth_mysql/libauth_mysql.a

./configure --activate-module=src/modules/auth_mysql/libauth_mysql.a
plus whatever other options you use

make

make install

STEP 8: If you already have a database that can contain the table holding your usernames and passwords, you can skip this step. If you either do not have a database, then use the mysqladmin command to create a new database, such as:

mysqladmin create mydatabase

     create table mysql_auth
     (
        username char(50) not null,
        passwd char(25),
        groupname char(25)
     );
     create unique index mysqlauthix1 on mysql_auth(username);
     grant all on mysql_auth to nobody;

     Note: I have had no problems with using a character length 
           of 50 for the username column.

STEP 10: Add the following line to your apache server's httpd.conf file:

        Auth_MySQL_Info localhost nobody nobody123

        Note that the arguments are hostname, username, and
        password.

STEP 11: DON'T PANIC if you see a whole bunch of mysql processes running instead of the usual 3. Each httpd gets it's own mysql!

STEP 12: Pick a directory under your web server's document root that you want to protect, and create a .htaccess file that looks like this:

AuthName "Your Login is Required"
AuthType Basic

<Limit GET POST>
   Auth_MySQL_DB mydatabase
   Auth_MySQL_Encrypted_Passwords off
   require valid-user
</Limit>
</PRE>

  #note: in this example I am NOT using encrypted passords.
  #      to use encrypted passwords, check the README file
  #      that comes with mod_auth_mysql for details...
  #      mydatabase should be replaced with the name of your
  #      database containing the auth_mysql table.

  insert into mysql_auth ( username, passwd, group)
   values ('fred', 'flinstone,'');