SIGN IN

    In order to provide personal access to your Filegator, you will need to set your unique password. A properly configured Filegator provides protection against unauthorized access to your data.

     

    A secure password — is a key element in protecting your data.

     

    In previous articles "How to Install FileGator on Centos 7. (Nginx-PHP-FPM)" and "How to Install FileGator File Manager on Centos 7. (Apache-Nginx)" we looked at how to install the open source Filegator file manager on a seversource server.

     

     In this article, we'll look at how to set the password we need to access the Filegator panel.

     

    Set your password

     

    When choosing a password, it's important to consider its uniqueness and complexity. Simple and well-known passwords such as "123456" or "password" are easy targets for hackers, and the standard password "admin" is not really a suitable alternative for a password.

    All subsequent commands will be used to generate a password.

    All the following commands will be used in the console. This solution is suitable for both Apache-Nginx and Nginx - PHP-FPM

     

    Set the password:

     password_hash=your_pass

     

     

    This command creates a password_hash variable to store your password. Replace your_pass with the desired password.

     

    Generation of random «salt» for hashing

     salt="$2y$10$$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 22)"

     

     

    This step generates a unique "salt", which will be used to create a hash of your password. "salt" provides additional security for hashing. For this purpose, we use the trait for password hashing and verification as part of FileGator.

     

     

    Password hashing:

     hash=$(php -r ' require_once "/usr/share/filegator/backend/Utils/PasswordHash.php"; $password = "'"$password_hash"'"; $salt = "'"$salt"'"; $hash = crypt($password, $salt); echo $hash; ')

     

     

    Here we use PHP to create a password hash using the previously generated "salt". The crypt() function creates a strong password hash, which is then stored in the hash variable.

     

    Check the Filegator installation:

     wget -q http://$ip_server/filegator/

     

    This step confirms that Filegator has been correctly installed and is accessible at the specified IP address. If you prefer visual verification, simply navigate to http://$ip_server/filegator/ in your web browser.

    Address http://$ip_server/filegator/ in your web browser.

     

    Update the configuration file with a new password hash:

    Before the change, we see the password hash "admin"

     

     sed -i '0,/"password":/{s#"password":"[^"]*"#"password":""$hash""#}' /usr/share/filegator/private/users.json

     

    This command updates the users.json configuration file in Filegator, replacing the default password hash with the newly created one.

     

    Completion

    .

    You now have a customized and secure password to access Filegator. Change your password regularly to keep your system as secure as possible.