# Managing Admin Users - Post-ERG Quick guide to manage admin users for the Post-ERG admin panel. --- ## ๐ŸŽฏ Quick Commands ### Interactive Menu (Recommended) ```bash # From your local machine just manage-admin-users # Then on the server ssh xamxam sudo bash /tmp/manage-admin-users.sh ``` This gives you an interactive menu to: 1. List all users 2. Add new user 3. Change user password 4. Delete user 5. Reset all (start fresh) --- ## ๐Ÿ“ Manual Commands ### List Current Users ```bash ssh xamxam sudo cut -d: -f1 /etc/nginx/.htpasswd-xamxam ``` ### Change Password for Existing User ```bash ssh xamxam sudo htpasswd /etc/nginx/.htpasswd-xamxam username_here ``` You'll be prompted to enter the new password twice. ### Add New User ```bash ssh xamxam sudo htpasswd /etc/nginx/.htpasswd-xamxam new_username ``` ### Delete User ```bash ssh xamxam sudo htpasswd -D /etc/nginx/.htpasswd-xamxam username_to_delete ``` ### Reset Everything (Start Fresh) ```bash ssh xamxam sudo htpasswd -c /etc/nginx/.htpasswd-xamxam new_username ``` โš ๏ธ **Warning:** The `-c` flag creates a new file, deleting all existing users! --- ## ๐Ÿš€ Deploy Management Script To upload the interactive management script to the server: ```bash # From your local machine just manage-admin-users # Or manually: rsync -v scripts/manage-admin-users.sh xamxam:/tmp/manage-admin-users.sh ``` --- ## ๐Ÿ”‘ Current Setup After deployment, your admin panel has: - **URL:** https://xamxam.erg.be/admin/ - **Current user:** `test_posterg_22@` - **Password:** Set during initial deployment --- ## ๐Ÿ’ก Common Scenarios ### Scenario 1: Change Current Password ```bash ssh xamxam sudo htpasswd /etc/nginx/.htpasswd-xamxam test_posterg_22@ # Enter new password when prompted ``` ### Scenario 2: Change Username Since you can't rename users, you need to: ```bash ssh xamxam # Add new user sudo htpasswd /etc/nginx/.htpasswd-xamxam new_username # Delete old user sudo htpasswd -D /etc/nginx/.htpasswd-xamxam test_posterg_22@ ``` ### Scenario 3: Forgot Username ```bash ssh xamxam sudo cut -d: -f1 /etc/nginx/.htpasswd-xamxam ``` ### Scenario 4: Multiple Admins ```bash ssh xamxam # Add second admin sudo htpasswd /etc/nginx/.htpasswd-xamxam admin2 # Add third admin sudo htpasswd /etc/nginx/.htpasswd-xamxam admin3 ``` All users can log into `/admin/` with their own credentials. ### Scenario 5: Start Over with New Username ```bash ssh xamxam # This will DELETE ALL existing users and create a new one sudo htpasswd -c /etc/nginx/.htpasswd-xamxam new_admin ``` --- ## ๐Ÿงช Testing After changing users/passwords: ```bash # Test that password is required curl -I https://xamxam.erg.be/admin/ # Should return: 401 Unauthorized # Test with credentials curl -u username:password https://xamxam.erg.be/admin/ # Should return: 200 OK ``` No nginx reload needed - changes take effect immediately! --- ## ๐Ÿ“Š Password File Details **Location:** `/etc/nginx/.htpasswd-xamxam` **Format:** Standard Apache htpasswd format ``` username:$apr1$encrypted_password_hash ``` **Permissions:** ```bash -rw-r--r-- root root /etc/nginx/.htpasswd-xamxam ``` --- ## ๐Ÿ”’ Security Tips 1. **Use Strong Passwords** ```bash # Generate a strong password openssl rand -base64 32 ``` 2. **Avoid Common Usernames** - โŒ Bad: `admin`, `administrator`, `root` - โœ… Good: `xamxam_admin`, `erg_webmaster` 3. **Regular Password Changes** - Change passwords every 3-6 months - Change immediately if compromised 4. **Monitor Access** ```bash # Check who's accessing the admin panel ssh xamxam sudo grep "admin" /var/log/nginx/xamxam_access.log ``` 5. **Backup Password File** ```bash ssh xamxam sudo cp /etc/nginx/.htpasswd-xamxam /etc/nginx/.htpasswd-xamxam.backup ``` --- ## ๐Ÿ†˜ Troubleshooting ### "401 Unauthorized" even with correct password **Check file exists:** ```bash ssh xamxam ls -la /etc/nginx/.htpasswd-xamxam ``` **Verify user exists:** ```bash sudo cat /etc/nginx/.htpasswd-xamxam ``` **Check nginx config:** ```bash sudo grep -A 5 "auth_basic" /etc/nginx/sites-available/xamxam ``` ### Can't change password - "command not found" **Install apache2-utils:** ```bash ssh xamxam sudo apt update sudo apt install apache2-utils ``` ### Password file got deleted **Recreate it:** ```bash ssh xamxam sudo htpasswd -c /etc/nginx/.htpasswd-xamxam new_admin ``` --- ## ๐Ÿ“ž Quick Reference | Task | Command | |------|---------| | **Interactive menu** | `sudo bash /tmp/manage-admin-users.sh` | | **List users** | `sudo cut -d: -f1 /etc/nginx/.htpasswd-xamxam` | | **Change password** | `sudo htpasswd /etc/nginx/.htpasswd-xamxam username` | | **Add user** | `sudo htpasswd /etc/nginx/.htpasswd-xamxam newuser` | | **Delete user** | `sudo htpasswd -D /etc/nginx/.htpasswd-xamxam username` | | **Reset all** | `sudo htpasswd -c /etc/nginx/.htpasswd-xamxam newuser` | | **Generate password** | `openssl rand -base64 32` | --- ## โœ… After Making Changes No action needed! Changes to the password file take effect immediately. You can verify with: ```bash curl -u username:password https://xamxam.erg.be/admin/ ``` --- **Remember:** Store passwords securely using a password manager! ๐Ÿ”