[thelist] password protection

Lumir G Janku lgjanku at w3matrix.com
Sat Nov 18 14:40:21 CST 2000


> > > From: warren <warren at warrenworld.com>
> > >
> > > Thanks for the quick (Saturday even) reply. It appears that the 
> server the
> > > site is hosted on does not allow telnet access. Is there an 
> alternative (can
> > > I set the password portion up using a different server) or do I have 
> to find
> > > a non .htaccess option.

You don't need telnet.
If you have TextPad, it allows you to save .something files.
If not, make htaccess.whatever , ftp it and rename on the server to .htaccess.
The simplest way:

<Limit GET POST>
AuthName "Restricted Area"
AuthType Basic
AuthUserFile /path/.htpasswd
require valid-user
</Limit>

<Limit PUT DELETE>
deny from all
</Limit>

--
Of course, it would be better if you had an access above web root and 
placed the password file there.
Ex.: /home/my_domain/my_users_dir/.htpasswd

Or, create a .directoryname in your web root and put the password file there:
Ex.: /home/my_domain/www/.directoryname/.htpasswd

It is not foolproof, but better than having it in the same directory as the 
access file.

You can mane the password file as you please:
.my_users
Ex.: /home/my_domain/my_users_dir/.my_users

You can use a nifty service for getting an encrypted password here:
http://www.cuci.nl/services/genpassword.html

Make sure that you do not copy any trailing spaces.

Then you create a file .htpasswd (or whatever you named it):

username:enc_password
username2:enc_password2
etc.

---
That's it.












More information about the thelist mailing list