HTTP Access Control
by Mostafa on Jan.25, 2006, under How To ..., Software
Finally figured out how to password protect individual directories on the server:
Authentication, Authorization and Access Control
It’s a simple 2-step process:
1. Create a passwords file for the users using “htpasswd“:
jsmith@server:~/public_html/db$ htpasswd -c ~/htpasswds jdoe New password: Re-type new password: Adding password for user jdoe jsmith@server:~/public_html/db$
2. Create a file “.htaccess” in the directory to be protected:
jsmith@server:~/public_html/db$ cat .htaccess AuthType Basic AuthName "db" AuthUserFile /home/jsmith/htpasswds Require user jdoe
January 28th, 2006 on 1:02 am
and where exactly does one place the htpasswd file?
January 28th, 2006 on 1:18 am
dude, I though you already had this thing going .. how else do you password protect your directories? Anyway, the passwords file can go anywhere and can be called anything — just as long as you put down the correct location in the “AuthUserFile” line of .htaccess. The most sensible place to put it is somewhere in your homedir — but not in public_html — since people can then just download it off of the server.