General Information
In order to password protect a website, or part of a website, we need to create a .htaccess file and a .htpasswd file. These are the files that Apache reads from to see who is allowed in the site. This guide will show you how to setup a website directory with password protection.
Requirements
- Apache webserver
- Local root access on the box or be able to su to root.
- A SSH client that supports ANSI colors such as puTTy or SecureCRT (if you aren’t on the box).
- Your favorite text editor (I like nano).
Configuration
# nano -w /usr/local/etc/apache/httpd.conf
You will need to add these three lines. Insert them within your VirtualHost(s) if you use them:
AllowOverride AuthConfig
Then restart apache:
# apachectl restart
Now we need to create a password file for the protected directory for user fred
# htpasswd -c /path/to/protected/directory/.htpasswd fred New password: Re-type new password: Adding password for user fred
You can additional users by the previous command, but without the -c. Next we have to create the .htaccess file for Apache to read from
# nano /path/to/protected/directory/.htaccess AuthUserFile /path/to/protected/directory/.htpasswd AuthName "Login Text" AuthType Basic require valid-user
That’s all there is to it. Now that website directory is password protected.
Hello everyone, it’s my first pay a quick visit at this site, and piece of writing is truly fruitful in favor of me, keep up posting these types of posts.