Stats for vhost alias/subdomain dont work
Summary
If statistics are set for vhost alias or vhost subdomain, access will give an internal server error.
For vhost alias and vhost subdmain the stats older will be created in $web_folder folder (good) But the htpasswd file is always created under /web/stats/. There is no stats folder there because the folder is created unter $web_folder. Therefore the htpasswd file should always be placed in the $web_folder. From my point of view it is also better because there is no overlapping of the paths for vhost and vhost-alias/subdomain logins.
Proposed fix
/server/plugins-available/apache2_plugin.inc.php
Current code: (Line 1938)
if($data['new']['stats_type'] != '') {
if(!is_dir($data['new']['document_root'].'/' . $web_folder . '/stats')) $app->system->mkdir($data['new']['document_root'].'/' . $web_folder . '/stats');
$ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$data['new']['document_root']."/web/stats/.htpasswd_stats\nrequire valid-user\nDirectoryIndex index.html index.php\nHeader set Content-Security-Policy \"default-src * 'self' 'unsafe-inline' 'unsafe-eval' data:;\"\n<Files \"goaindex.html\">\nAddDefaultCharset UTF-8\n</Files>\n";
$app->system->file_put_contents($data['new']['document_root'].'/' . $web_folder . '/stats/.htaccess', $ht_file);
$app->system->chmod($data['new']['document_root'].'/' . $web_folder . '/stats/.htaccess', 0755);
unset($ht_file);
if(!is_file($data['new']['document_root'].'/web/stats/.htpasswd_stats') || $data['new']['stats_password'] != $data['old']['stats_password']) {
if(trim($data['new']['stats_password']) != '') {
$htp_file = 'admin:'.trim($data['new']['stats_password']);
$app->system->web_folder_protection($data['new']['document_root'], false);
$app->system->file_put_contents($data['new']['document_root'].'/web/stats/.htpasswd_stats', $htp_file);
$app->system->web_folder_protection($data['new']['document_root'], true);
$app->system->chmod($data['new']['document_root'].'/web/stats/.htpasswd_stats', 0755);
unset($htp_file);
}
}
}
Possible Fix:
if($data['new']['stats_type'] != '') {
if(!is_dir($data['new']['document_root'].'/' . $web_folder . '/stats')) $app->system->mkdir($data['new']['document_root'].'/' . $web_folder . '/stats');
$ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$data['new']['document_root']."/".$web_folder."/stats/.htpasswd_stats\nrequire valid-user\nDirectoryIndex index.html index.php\nHeader set Content-Security-Policy \"default-src * 'self' 'unsafe-inline' 'unsafe-eval' data:;\"\n<Files \"goaindex.html\">\nAddDefaultCharset UTF-8\n</Files>\n";
$app->system->file_put_contents($data['new']['document_root'].'/' . $web_folder . '/stats/.htaccess', $ht_file);
$app->system->chmod($data['new']['document_root'].'/' . $web_folder . '/stats/.htaccess', 0755);
unset($ht_file);
if(!is_file($data['new']['document_root'].'/'.$web_folder.'/stats/.htpasswd_stats') || $data['new']['stats_password'] != $data['old']['stats_password']) {
if(trim($data['new']['stats_password']) != '') {
$htp_file = 'admin:'.trim($data['new']['stats_password']);
$app->system->web_folder_protection($data['new']['document_root'], false);
$app->system->file_put_contents($data['new']['document_root'].'/'.$web_folder.'/stats/.htpasswd_stats', $htp_file);
$app->system->web_folder_protection($data['new']['document_root'], true);
$app->system->chmod($data['new']['document_root'].'/'.$web_folder.'/stats/.htpasswd_stats', 0755);
unset($htp_file);
}
}
}