University of Engineering &

Technology, Taxila

Faculty of Telecommunication & Information Engineering

B.Sc. Computer Engineering

Lab No. 05

System Programming
(CP-410)

Name: Muneeb Ur Rahman

Roll No: 21-CP-73
Semester: 8th (21CP)
Sec: Alpha

Password Protected Website on CentOS

Objective:
The objective of this lab was to learn how to secure websites using password authentication and
SSL certificates. Additionally, we explored the deployment of a Squid proxy server for internet
access control and caching.

Task 1: Creating a Password-Protected Website

Steps:
1. Creating a User Database File:
o The .htpasswd file was created using the htpasswd command.
o A user and encrypted password were added to the file. o The following
command was used to create a user named usman21
htpasswd -c /etc/httpd/.htpasswd usman21

2. Configuring .htaccess File:

o A .htaccess file was created in the DocumentRoot of the website. o The
file contained the following lines to enforce authentication:
AuthType Basic
AuthName "members only!" AuthUserFile /var/www/.htpasswd
Require valid-user

3. Modifying the Apache Configuration File:

o The AllowOverride parameter was updated in
/etc/httpd/conf/httpd.conf. o The following directive was
added:

<Directory "/var/www/html">
AllowOverride All
 </Directory>

4. Verifying the Configuration:

o The website was accessed through a browser to ensure authentication was
required. o The following command was used to restart Apache:
o systemctl restart httpd
Task 2: Installing and Configuring SSL Certificates
Steps:
1. Installing Required Packages:
o The following packages were installed: o yum install
httpd openssl mod_ssl –y
2. Generating SSL Certificates:
o A new directory named certs was created: o mkdir
/etc/httpd/certs o OpenSSL was used to generate a
self-signed SSL certificate:
o openssl req -new -x509 -days 365 -nodes -out
/etc/httpd/certs/server.crt -keyout /etc/httpd/certs/server.key

3. Updating Apache Configuration:

o The ssl.conf file was updated with the correct certificate
paths:
o SSLCertificateFile /etc/httpd/certs/server.crt o
SSLCertificateKeyFile
/etc/httpd/certs/server.key

4. Restarting Apache Service:

o The httpd service was restarted: o systemctl restart
httpd o The installation was verified using:
o openssl s_client -connect localhost:443
Task 3: Deploying a Squid Proxy Server
Steps:
1. Installing Squid:
o The system was checked for existing Squid installations: o yum list
installed | grep squid o Squid was installed using: o yum install
squid –y
2. Configuring Squid Server:
o The configuration file /etc/squid/squid.conf was modified. o An
Access Control List (ACL) was created to allow specific client IPs:
o acl allowed_clients src 192.168.1.0/24 o http_access allow
allowed_clients o The http_port was updated:
o http_port 3128

3. Restarting and Enabling Squid Service:

o Squid service was restarted and enabled at boot:
o systemctl restart squid
o systemctl enable squid

4. Updating Firewall Rules:

o Port 3128 was added to the firewall rules:
o firewall-cmd --add-port=3128/tcp --permanent o firewall-cmd –-
reload
 5. Configuring Client Proxy Settings:

Linux: export

http_proxy="http://192.168.1.1:3128"

Internet access was tested through Squid.

Results and Observations:
• Successfully implemented user authentication for website access.
• Installed SSL certificates to encrypt website traffic.
• Deployed Squid proxy server to regulate internet usage and improve caching
performance.
• Verified that users were required to authenticate before accessing restricted websites.
• Confirmed that SSL encryption was properly applied to the websites.
• Ensured that the Squid proxy server was functioning correctly by caching and filtering
requests.