[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sheflug] simple question really

To: <shef-lug [at] xxxxxxxxxxxxxxxxxxx>
Subject: Re: [Sheflug] simple question really
From: "Chris J" <xxxxx [at] xxxxxxxxxxxxxxxx>
Date: Thu, 13 Jun 2002 15:27:04 +0100 (BST)
Envelope-to: <shef-lug [at] list.sheflug.org.uk>
Importance: Normal
List-help: <mailto:shef-lug-request [at] list.sheflug.org.uk?subject=help>
List-id: Sheflug <shef-lug.list.sheflug.org.uk>
List-post: <mailto:shef-lug [at] list.sheflug.org.uk>
List-subscribe: <http://community.uklinux.net/mailman/listinfo/shef-lug>,<mailto:shef-lug-request [at] list.sheflug.org.uk?subject=subscribe>
List-unsubscribe: <http://community.uklinux.net/mailman/listinfo/shef-lug>,<mailto:shef-lug-request [at] list.sheflug.org.uk?subject=unsubscribe>
Reply-to: shef-lug [at] xxxxxxxxxxxxxxxxxxx
Sender: shef-lug-admin [at] xxxxxxxxxxxxxxxxxxx

> how do i password protect a directory on an apache based website.
>
> i think a file called .htaccess needs to go into the directory you want
> to protect.

Yep -- assuming Apache is configured this way [hunt for the directive
"AccessFileName" in the apache config files] :) This file would have
contents along the lines of:
    AuthUserFile /usr2/Homes/cjohnson/.htpasswd
    AuthName "Secret place"
    AuthType Basic
    <Limit GET>
    require valid-user
    </Limit>

AuthUserFile points to the password file and can be anywhere on the file
system. Putting it outside the web space would be a good thing generally as
then people can't try and download it. AuthName is just some name for the
site, usually displayed in prompts with "Enter password for Secret Place",
or"Enter password for realm "Secret Place" etc ...

> i think also you need to run a command called htaccess to create a
> password file.

Close ... htpasswd.

    htpasswd -c <file> <username>

This will create a new file with a user of <username> added to it.

    htpasswd <file> <username>

allows you to change password of <username>.

That's the basics. You'll need .htaccess and whatever youre password file
ends up being readable by the web server ... this usually means chmod 644
both files.
HTH :)

Chris...

-- 
\ Chris Johnson                 \
 \ cej [at] nightwolf.org.uk          \
  \ http://cej.nightwolf.org.uk/  ~-----------------------------------+
   \ Redclaw chat - http://redclaw.org.uk - telnet redclaw.org.uk 2000 \____



___________________________________________________________________

Sheffield Linux User's Group -
http://www.sheflug.co.uk/mailfaq.html

  GNU the choice of a complete generation.

Follow-Ups:
- Re: [Sheflug] simple question really
  - From: Richard Stevenson

References:
- [Sheflug] simple question really
  - From: xxxxx

Prev by Date: [Sheflug] simple question really
Next by Date: [Sheflug] Tomorrow's Meeting
Previous by thread: [Sheflug] simple question really
Next by thread: Re: [Sheflug] simple question really
Index(es):
- Date
- Thread