opened image

Setting an individual password in Filegator

In order to provide personal access to your Filegator, you will need to set your unique password. A properly configured Filegator provides protection against unauthorized access to your data.

 

A secure password — is a key element in protecting your data.

 

In previous articles "How to Install FileGator on Centos 7. (Nginx-PHP-FPM)" and "How to Install FileGator File Manager on Centos 7. (Apache-Nginx)" we looked at how to install the open source Filegator file manager on a seversource server.

 

 In this article, we'll look at how to set the password we need to access the Filegator panel.

 

Set your password

 

When choosing a password, it's important to consider its uniqueness and complexity. Simple and well-known passwords such as "123456" or "password" are easy targets for hackers, and the standard password "admin" is not really a suitable alternative for a password.

All subsequent commands will be used to generate a password.

All the following commands will be used in the console. This solution is suitable for both Apache-Nginx and Nginx - PHP-FPM

 

Set the password:

 password_hash=your_pass

 

 

This command creates a password_hash variable to store your password. Replace your_pass with the desired password.

 

Generation of random «salt» for hashing

 salt="$2y$10$$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 22)"

 

 

This step generates a unique "salt", which will be used to create a hash of your password. "salt" provides additional security for hashing. For this purpose, we use the trait for password hashing and verification as part of FileGator.

 

 

Password hashing:

 hash=$(php -r ' require_once "/usr/share/filegator/backend/Utils/PasswordHash.php"; $password = "'"$password_hash"'"; $salt = "'"$salt"'"; $hash = crypt($password, $salt); echo $hash; ')

 

 

Here we use PHP to create a password hash using the previously generated "salt". The crypt() function creates a strong password hash, which is then stored in the hash variable.

 

Check the Filegator installation:

 wget -q http://$ip_server/filegator/

 

This step confirms that Filegator has been correctly installed and is accessible at the specified IP address. If you prefer visual verification, simply navigate to http://$ip_server/filegator/ in your web browser.

Address http://$ip_server/filegator/ in your web browser.

 

Update the configuration file with a new password hash:

Before the change, we see the password hash "admin"

 

 sed -i '0,/"password":/{s#"password":"[^"]*"#"password":""$hash""#}' /usr/share/filegator/private/users.json

 

This command updates the users.json configuration file in Filegator, replacing the default password hash with the newly created one.

 

Completion

.

You now have a customized and secure password to access Filegator. Change your password regularly to keep your system as secure as possible.