Authentication in Apache

I wanted to restrict access to a directory on my web server. It’s quite easy by adding an Authentication directive in the site’s configuration file (in /etc/apache2/sites-available/; preferred) or in a .htaccess file in the directory itself.

Create the user and password:

<pre class="src src-sh">htpasswd -c /path/to/my/specified/password/file <span style="color: #ff4500;">## </span><span style="color: #ff4500;">place file to a place that is not accessible on the web, maybe where htdocs is located.</span>

## enter password

In the site’s configuration file, add a directory directive and add in Authentication. It should look something like:

<pre class="src src-sh">AuthType Basic

AuthName “Restricted Files” # (Following line optional) AuthBasicProvider file AuthUserFile /path/to/my/specified/password/file Require user

For many people, I can use groups.

Pretty easy. Note that the user will be able to access that directory from the browser until the browser is closed.

About Vinh Nguyen


Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>