How do I password protect a web directory.

Export to PDF | Export to DOC

1.    Create a .htaccess file in the directory to be protected, it should contain the following lines:

# Access file
order allow,deny
allow from all
require valid-user
Authname DirectoryName
Authtype Basic
AuthUserFile /Directory_Path/.htpasswd

NOTE: the section at the top of the file prevents users from accessing the .htaccess file from a browser. Any requests such as will be flatly denied.

The AuthUserFile is the password authorization file.  To use the htpasswd for users enter /etc/htpasswd for the AuthUserFile.  You may also leave off the AuthUserFile to use the /etc/passwd file and change the following:

    require group site4 admin

Where for example site 4 is the group located in /etc/htgroup and admin is a user.

Skip step Two if you are using the /etc/htpasswd file or using the /etc/passwd file for your authorization

2. Now we want to create the htpasswd file using the htpasswd command in the /usr/sbin/ directory.

a. Type: /usr/sbin/htpasswd -c /Directory_Path/.htpasswd username

    Note: When adding additional users remove the -c from the command line

b. You will be prompted for the password twice.

Leave a Reply

Your email address will not be published. Required fields are marked *