08/26/2000

Problem: How do I password protect a web directory.

Solution

1.    Create a .htaccess file in the directory to be protected, it should contain the following lines:

# Access file
order allow,deny
allow from all
require valid-user
Authname DirectoryName
Authtype Basic
AuthUserFile /Directory_Path/.htpasswd

NOTE: the section at the top of the file prevents users from accessing the .htaccess file from a browser. Any requests such as http://www.yoursite.com/securedirectory/.htaccess will be flatly denied.

The AuthUserFile is the password authorization file.  To use the htpasswd for users enter /etc/htpasswd for the AuthUserFile.  You may also leave off the AuthUserFile to use the /etc/passwd file and change the following:

    require group site4 admin

    Where for example site 4 is the group located in /etc/htgroup and admin is a user.


Skip step Two if you are using the /etc/htpasswd file or using the /etc/passwd file for your authorization

2. Now we want to create the htpasswd file using the htpasswd command in the /usr/sbin/ directory.

a. Type: /usr/sbin/htpasswd -c /Directory_Path/.htpasswd username

    Note: When adding additional users remove the -c from the command line

b. You will be prompted for the password twice.

Top of page Top of page * Add to Favorites
Home  ©1996 - 2008 Computer Business Consultants, Inc.   All rights reserved.