Usermin and Apache

Like Webmin, Usermin can be run under Apache using a similar process. To set up Apache to run it, the steps to follow are :

  1. Create a new Apache virtual server with the document set to the directory where you installed Usermin, using a directive like DocumentRoot /usr/local/usermin.

  2. Configure Apache to treat all files with the .cgi extension as CGI programs, with the AddHandler cgi-script .cgi directive.

  3. Add index.cgi to the DirectoryIndex directive.

  4. Usermin CGI programs have their config directory passed to them in the WEBMIN_CONFIG, WEBMIN_VAR and MINISERV_CONFIG environment variables. For Apache to do this, you need to add the directives

    SetEnv WEBMIN_CONFIG /etc/usermin
    SetEnv WEBMIN_VAR /var/usermin
    SetEnv SERVER_ROOT /usr/local/usermin
    SetEnv MINISERV_CONFIG /etc/usermin/miniserv.conf
    SetEnv BASE_REMOTE_USER user

  5. Create a new <Directory> section for the root directory, like
    <Directory /usr/local/usermin>

  6. Add the directive Options ExecCGI to the new <Directory> section.

  7. Password-protect the virtual server by putting directives like
    AuthName Usermin
    AuthType basic
    AuthUserFile /etc/usermin/htusers
    require valid-user
    Inside the <Directory> section. The file /etc/usermin/htusers must contain an entry for every Unix user that you want to allow to login to Usermin.

  8. Make all the Usermin programs owned by root and setuid with the commands
    chown -R root:root /usr/local/usermin
    chmod -R 6755 /usr/local/usermin

  9. Add the -U flag to the perl line in all the Usermin scripts. This can be easily done with the following command run from the usermin directory
    find . -name "*.cgi" -o -name "*.pl" | perl "/usr/bin/perl -U" -
    This assumes that Perl is installed as /usr/bin/perl on your system.

  10. Configure Usermin to use the 'Default Usermin Theme', as Apache cannot support Usermin's theming system.

  11. Make sure that the setuid scripts cannot be run by other users on your system, by setting the permissions on /usr/local/usermin to 700 and changing its ownership to the user your webserver runs as. Otherwise any user would be able to execute any command as root by running some of the scripts.

You should now be able to start Apache and login to Usermin at whatever URL your Apache server is running on. Note that the Change Theme module will not work, but all others should.

Usermin In A Subdirectory

If you just want Usermin to be accessible via an URL subdirectory (like /usermin) on an Apache server without going to the trouble of configuring Apache to run the CGI scripts directly, there is a simpler method that can be used. This is also useful if your system is only accessible on port 80, and you want access to both Usermin and a normal website. The steps to follow are :

  1. Make sure mod_proxy is installed on your Apache webserver.

  2. Add the following directives to the Apache configuration file:
    ProxyPass /usermin/ http://localhost:20000/
    ProxyPassReverse /usermin/ http://localhost:20000/

  3. Add the lines webprefix=/usermin and webprefixnoredir=1 to /etc/usermin/config.

  4. Re-start Apache to apply the configuration.

All requests to /usermin on the Apache server will then be passed through to the Usermin server on localhost port 20000. All features should work fine, including themes, with the exception of IP access control (because as far as Usermin is concerned, all connections will be coming from localhost).

Usermin Via Proxy

This method can also be used to make Usermin accessible via an Apache virtual host, like The steps to follow are :

  1. Make sure mod_proxy is installed on your Apache webserver.

  2. Add a virtual host to your Apache configuration file like:
    <VirtualHost _default_>
    ProxyPass / http://localhost:20000/
    ProxyPassReverse / http://localhost:20000/

  3. Re-start Apache to apply the configuration.

No changes need to be made to /etc/usermin/config, because no prefix is appended to the URL path.