Go Back   { mindfrost82.com } > Gadget Corner > Tech Newsgroups > Linux > Support Documents
Reload this Page Password protect a directory in Apache 2

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 03-07-2006, 07:22 PM
mindfrost82's Avatar
Administrator
  
Join Date: Mar 2006
Location: Illinois
Posts: 2,168
Sex: Male
My Mood:
Thanks: 5
Thanked 5 Times in 5 Posts
Send a message via ICQ to mindfrost82 Send a message via AIM to mindfrost82 Send a message via MSN to mindfrost82 Send a message via Yahoo to mindfrost82
Password protect a directory in Apache 2
Step 1: Edit /etc/httpd/conf/httpd.conf (make a backup copy first). Find the line that says

AllowOverride None

And change it to:

AllowOverride AuthConfig

If you are using virtual domains, then you will need to add that line to the Directory section of the virtual host area(s) under which you want to be able to enable authentication. E.g.:


ServerAdmin admin@yourdomain.com
DocumentRoot /home/www.yourdomain.com/html
ServerName www.yourdomain.com
ServerAlias yourdomain.com
ScriptAlias /cgi-bin/ /home/www.yourdomain.com/cgi-bin/
ErrorLog logs/www.yourdomain.com-error_log
TransferLog logs/www.yourdomain.com-transfer_log
CustomLog logs/www.yourdomain.com-access_log combined

Options Indexes FollowSymLinks
AllowOverride AuthConfig



Restart apache. (/etc/init.d/httpd restart)

Step 2: Run htpasswd (usually under /usr/bin, but depends on where/how you installed Apache) to generate a username and password for each user to whom you want to allow access to password-protected directories. If you have never done this before, run it with the -c flag (to create a new passwd file) and make sure that you create the file under a secure directory (NOT webroot!) The syntax is htpasswd -c . For example:

htpasswd -c /etc/httpd/conf/users jsmith

will create a passwd file called "users" under /etc/httpd/conf, and will add an entry for the user name jsmith. Follow the prompts to set jsmith's password.

To add additional users, after you've created the file, type:

htpasswd /etc/httpd/conf/users username

Note: Check the permissions on that file and fix them if need be:

sudo chmod 644 /etc/httpd/conf/users


Step 3: In the directory you want to protect, create a file called .htaccess. Enter the following:

AuthType Basic
AuthName "Restricted Files"
AuthUserFile /etc/httpd/conf/users
Require valid-user

You have now created a realm called "Restricted Files". This is what gets presented to the client when he is asked to log in. Also, for any other areas of your site which use a .htaccess access file with the same realm name, users will not be prompted again for the same login/pass.
Reply With Quote
Reply

  { mindfrost82.com } > Gadget Corner > Tech Newsgroups > Linux > Support Documents

« Previous Thread | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is On
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT. The time now is 06:22 PM.

Contact Us - { mindfrost82.com } - Archive - Top

Powered by vBulletin, Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.1.0 ©2007, Crawlability, Inc.
© 1999-2008 mindfrost82.com v11.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109