5.1 KiB
Managing Admin Users - Post-ERG
Quick guide to manage admin users for the Post-ERG admin panel.
🎯 Quick Commands
Interactive Menu (Recommended)
# From your local machine
just manage-admin-users
# Then on the server
ssh xamxam
sudo bash /tmp/manage-admin-users.sh
This gives you an interactive menu to:
- List all users
- Add new user
- Change user password
- Delete user
- Reset all (start fresh)
📝 Manual Commands
List Current Users
ssh xamxam
sudo cut -d: -f1 /etc/nginx/.htpasswd-xamxam
Change Password for Existing User
ssh xamxam
sudo htpasswd /etc/nginx/.htpasswd-xamxam username_here
You'll be prompted to enter the new password twice.
Add New User
ssh xamxam
sudo htpasswd /etc/nginx/.htpasswd-xamxam new_username
Delete User
ssh xamxam
sudo htpasswd -D /etc/nginx/.htpasswd-xamxam username_to_delete
Reset Everything (Start Fresh)
ssh xamxam
sudo htpasswd -c /etc/nginx/.htpasswd-xamxam new_username
⚠️ Warning: The -c flag creates a new file, deleting all existing users!
🚀 Deploy Management Script
To upload the interactive management script to the server:
# From your local machine
just manage-admin-users
# Or manually:
rsync -v scripts/manage-admin-users.sh xamxam:/tmp/manage-admin-users.sh
🔑 Current Setup
After deployment, your admin panel has:
- URL: https://xamxam.erg.be/admin/
- Current user:
test_posterg_22@ - Password: Set during initial deployment
💡 Common Scenarios
Scenario 1: Change Current Password
ssh xamxam
sudo htpasswd /etc/nginx/.htpasswd-xamxam test_posterg_22@
# Enter new password when prompted
Scenario 2: Change Username
Since you can't rename users, you need to:
ssh xamxam
# Add new user
sudo htpasswd /etc/nginx/.htpasswd-xamxam new_username
# Delete old user
sudo htpasswd -D /etc/nginx/.htpasswd-xamxam test_posterg_22@
Scenario 3: Forgot Username
ssh xamxam
sudo cut -d: -f1 /etc/nginx/.htpasswd-xamxam
Scenario 4: Multiple Admins
ssh xamxam
# Add second admin
sudo htpasswd /etc/nginx/.htpasswd-xamxam admin2
# Add third admin
sudo htpasswd /etc/nginx/.htpasswd-xamxam admin3
All users can log into /admin/ with their own credentials.
Scenario 5: Start Over with New Username
ssh xamxam
# This will DELETE ALL existing users and create a new one
sudo htpasswd -c /etc/nginx/.htpasswd-xamxam new_admin
🧪 Testing
After changing users/passwords:
# Test that password is required
curl -I https://xamxam.erg.be/admin/
# Should return: 401 Unauthorized
# Test with credentials
curl -u username:password https://xamxam.erg.be/admin/
# Should return: 200 OK
No nginx reload needed - changes take effect immediately!
📊 Password File Details
Location: /etc/nginx/.htpasswd-xamxam
Format: Standard Apache htpasswd format
username:$apr1$encrypted_password_hash
Permissions:
-rw-r--r-- root root /etc/nginx/.htpasswd-xamxam
🔒 Security Tips
-
Use Strong Passwords
# Generate a strong password openssl rand -base64 32 -
Avoid Common Usernames
- ❌ Bad:
admin,administrator,root - ✅ Good:
xamxam_admin,erg_webmaster
- ❌ Bad:
-
Regular Password Changes
- Change passwords every 3-6 months
- Change immediately if compromised
-
Monitor Access
# Check who's accessing the admin panel ssh xamxam sudo grep "admin" /var/log/nginx/xamxam_access.log -
Backup Password File
ssh xamxam sudo cp /etc/nginx/.htpasswd-xamxam /etc/nginx/.htpasswd-xamxam.backup
🆘 Troubleshooting
"401 Unauthorized" even with correct password
Check file exists:
ssh xamxam
ls -la /etc/nginx/.htpasswd-xamxam
Verify user exists:
sudo cat /etc/nginx/.htpasswd-xamxam
Check nginx config:
sudo grep -A 5 "auth_basic" /etc/nginx/sites-available/xamxam
Can't change password - "command not found"
Install apache2-utils:
ssh xamxam
sudo apt update
sudo apt install apache2-utils
Password file got deleted
Recreate it:
ssh xamxam
sudo htpasswd -c /etc/nginx/.htpasswd-xamxam new_admin
📞 Quick Reference
| Task | Command |
|---|---|
| Interactive menu | sudo bash /tmp/manage-admin-users.sh |
| List users | sudo cut -d: -f1 /etc/nginx/.htpasswd-xamxam |
| Change password | sudo htpasswd /etc/nginx/.htpasswd-xamxam username |
| Add user | sudo htpasswd /etc/nginx/.htpasswd-xamxam newuser |
| Delete user | sudo htpasswd -D /etc/nginx/.htpasswd-xamxam username |
| Reset all | sudo htpasswd -c /etc/nginx/.htpasswd-xamxam newuser |
| Generate password | openssl rand -base64 32 |
✅ After Making Changes
No action needed! Changes to the password file take effect immediately.
You can verify with:
curl -u username:password https://xamxam.erg.be/admin/
Remember: Store passwords securely using a password manager! 🔐