Password protect directories using htaccess

From BubbaWiki
Jump to navigation Jump to search

Password protect directories using htaccess

Author: Magnus

A guide on how to enable password protection in your web catalogs on your Bubba Two.

Using ssh, log on to Bubba (as your regular user). Type

su

To become root. The root password is

excito

Edit your sites-file:

nano /etc/apache2/sites-enabled/bubba

You will find the part (observe <Directory /home/web/>) in two places:

<Directory /home/web/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>

Edit it in both places to:

<Directory /home/web/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>

Now you need to restart the webserver.

/etc/init.d/apache2 restart

Create a .htaccess file in the web catalog you want to password protect:

nano /home/web/protectedfiles/.htaccess

(Where protectedfiles is the catalog you will protect in this example.)

A "standard" .htaccessfile could look something like:

AuthType Basic
AuthName "Password Required"
AuthUserFile /etc/.passwords/.htpasswd
Require user user1

(Where user1 is the username you log in with in this example.)

Save your .htaccessfile.

To password protect more catalogs simply create and place one .htaccessfile in every catalog you need to protect. Remember to change the user1 to whatever user you desire.

Create a catalog to place your password file in:

mkdir /etc/.passwords

To create the file containing the passwords for the users, type:

htpasswd -c /etc/.passwords/.htpasswd user1

You now have to enter a password for the user "user1".

To add more users in the .passwords file, leave out the -c parameter:

htpasswd /etc/.passwords/.htpasswd user2

You now have to enter a password for the user "user2".

Open a web browser and brows to your protected catalog: www.yourbubba.com/protectedfiles. You should have to enter user name "user1" and your selected password.