Network: Apache: Htaccess files

(last edit: 2001-03-18) Htaccess is an apache tool to password protect directories. Edit the following section in you apache configuration file: ------------------------------------------------------------------------------------------ <snip> # # This should be changed to whatever you set DocumentRoot to. # <Directory "/usr/local/share/apache/htdocs"> <snip> # # This may also be "None", "All", or any combination of "Indexes", # "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews". # # Note that "MultiViews" must be named *explicitly* --- "Options All" # doesn't give it to you. # Options Indexes FollowSymLinks # # This controls which options the .htaccess files in directories can # override. Can also be "All", or any combination of "Options", "FileInfo", # "AuthConfig", and "Limit" # AllowOverride All # # Controls who can get stuff from this server. # Order allow,deny Allow from all </Directory> <snip> ------------------------------------------------------------------------------------------ Single user: To password protect a directory for just one user you'll have the make a .htaccess and .htpasswd file. These files have the have the rights 604. You'll have to make the .htaccess file yourself (see below). The .htpasswd file can be created as follows: user@host:/usr/local/apache/htdocs/secure#htpasswd -c .htpasswd user -c creates the file .htpasswd (this filename can be any, just make sure you specify the same one in .htaccess) Sample .htaccess file for single user: AuthUserFile /home/user/securedir/.htpasswd AuthGroupFile /dev/null AuthName "Restricted Access" AuthType Basic <Limit GET> require user user </Limit> Multiple users: To password protect a directory for multiple users you'll have the make a .htaccess, .htgroup and .htpasswd file. These files have the have the rights 604. You'll have to make the .htaccess and .htgroup files yourself (see below). The .htpasswd file can be created as follows: user@host:/usr/local/apache/htdocs/secure#htpasswd -c .htpasswd user Now you have added the password for user. Add more password with the following command: user@host:/usr/local/apache/htdocs/secure#htpasswd .htpasswd user2 Note that the -c is missing so the file isn't created again but added. Sample .htaccess file for multiple users: AuthUserFile /home/user/secure/.htpasswd AuthGroupFile /home/user/secure/.htgroup AuthName "Restricted Access" AuthType Basic <Limit GET> require group users </Limit> Sample .htgroup file: users: user user1 If you access this directory via a webbrowser you'll get an authorisation window. It doesn't mather if you access a file, subdir or subsub dir in this dir: you'll get the auth. window! Only after the auth is succeeded the page you did requested will be displaid.

Click here to go back to the index.