From a7cb0f2ff41c84defa02182cb73eff7a74e3d817 Mon Sep 17 00:00:00 2001
From: Matthijs Kooijman <matthijs@stdin.nl>
Date: Mon, 20 Feb 2012 15:01:57 +0100
Subject: [PATCH] lighttpd/stdout.nl: Add authentication for /beef.

Beef is a browser exploit framework, useful for testing XSS
vulnerabilities.
---
 etc/lighttpd/vhosts/stdout-nl | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/etc/lighttpd/vhosts/stdout-nl b/etc/lighttpd/vhosts/stdout-nl
index 1fbb4e4..1bd9fb8 100644
--- a/etc/lighttpd/vhosts/stdout-nl
+++ b/etc/lighttpd/vhosts/stdout-nl
@@ -19,4 +19,18 @@ $HTTP["host"] =~ ".stdout.nl$" {
 		# Enable dirlistings for /tmp
 		server.dir-listing = "enable"
 	}
+
+	$HTTP["url"] =~ "^/beef/" {
+		auth.backend                   = "htpasswd"
+		auth.backend.htpasswd.userfile = var.site-dir + "/conf/beef.user"
+
+		auth.require = ( 
+			"/" => (
+				"method"  => "basic",
+				"realm"   => "Beef",
+				"require" => "valid-user"
+			)
+		)
+	}
+
 }
-- 
2.30.2