Switch to the folder:

/etc/apache2/sites-available

Open your website's configuration file, e.g. acme.org

<VirtualHost *:80>

ServerAdmin webmaster@acme.org

ServerName acme.org

# Indexes + Directory Root.

DirectoryIndex index.html

DocumentRoot /var/www/acme.org        

# Logfiles

ErrorLog  /var/www/acme.org/logs/error.log

CustomLog /var/www/acme.org/logs/access.log combined

</VirtualHost>

Insert the following directives:

<VirtualHost *:80>

ServerAdmin webmaster@acme.org

ServerName acme.org

# Indexes + Directory Root.

DirectoryIndex index.html

DocumentRoot /var/www/acme.org   

# This is a server-wide configuration that will add information from the Mellon session to all requests.

<Location />

# Add information from the auth_mellon session to the request.      

MellonEnable "info"

# Configure the SP metadata

# These should be the 3 files which were created when creating SP metadata.

MellonSPPrivateKeyFile /etc/apache2/mellon/http_acme.org_apache.key

MellonSPCertFile /etc/apache2/mellon/http_acme.org_apache.cert

MellonSPMetadataFile /etc/apache2/mellon/http_acme.org_apache.xml  

 # IdP metadata. This should be the metadata file you downloaded from the IdP.

MellonIdPMetadataFile /etc/apache2/mellon/DualShield-Metadata.xml 

# The location all endpoints should be located under.

# It is the URL to this location that is used as the second parameter to the metadata generation script.

# This path is relative to the root of the web server.

MellonEndpointPath /mellon

</Location>

# This is a location that will trigger authentication when requested.

<Location /mfa>

# This location will trigger an authentication request to the IdP.

MellonEnable "auth"

</Location>

# Logfiles

ErrorLog  /var/www/acme.org/logs/error.log

CustomLog /var/www/acme.org/logs/access.log combined

</VirtualHost>

We assume that the access to resources in the folder "mfa" requires user authentication.

Restart the Apache server: sudo service apache2 restart

Now, your website is protected by multi-factor authentication.