I wanted to restrict access to a directory on my web server. It’s quite easy by adding an Authentication directive in the site’s configuration file (in
/etc/apache2/sites-available/; preferred) or in a
.htaccess file in the directory itself.
Create the user and password:
<pre class="src src-sh">htpasswd -c /path/to/my/specified/password/file user.name <span style="color: #ff4500;">## </span><span style="color: #ff4500;">place file to a place that is not accessible on the web, maybe where htdocs is located.</span>
## enter password
In the site’s configuration file, add a directory directive and add in Authentication. It should look something like:
<pre class="src src-sh">AuthType Basic
AuthName “Restricted Files” # (Following line optional) AuthBasicProvider file AuthUserFile /path/to/my/specified/password/file Require user user.name
For many people, I can use groups.
Pretty easy. Note that the user will be able to access that directory from the browser until the browser is closed.