[thelist] Password set-up on Unix/Apache

Garrett Coakley garrett at polytechnic.co.uk
Mon Sep 9 10:01:01 CDT 2002


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 09 Sep 2002 10:44:35 -0400 Olena Sullivan wrote:

> Hello Experts,
>
> Need to know how to password protect a folder on a website that is
> being hosted on Solaris (Unix)/Apache combo.
>
> Aside from coding in password/username capability, I thought there was
> an easier way to do this from the server itself? Am I wrong on this?


No, not wrong at all. You need to create a file in the directory that
you want to password protect called '.htaccess'.

That file should contain the following (lines beginning # are comments):

- --
# file containing user:password details
AuthUserFile /path/to/.htpasswd
# What you want to appear on the dialog box when people log in.
AuthName "Members Area"
# Authentication type
AuthType Basic
# Requirements to be satisfied
require valid-user
- --

Then you need to create the file with user:password details
(.htpasswd, although it can be called whatever you want). I always place
this outside the web root to prevent people trying to snaffle it through
a web browser.

If you have command line access to your server then you can create the
password file using:

shell> htpasswd -c /path/to/.htpasswd username

htpasswd will then ask you for the password, and then ask you to type it
again to confirm it.

The '-c' flag creates the file automatically, if you want to add further
users then you can omit it and just supply htpasswd with the new
username.

If you don't have command line access to the server then I think you
should be able to find some offline tools to generate the password file.

For more info see http://httpd.apache.org/docs/howto/auth.html


G.



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE9fLcl4AAXt40rqS4RAhZeAKCNvkdCTaja/OwXitKzw3DMta8ppQCeJ62p
hJQX0wxxrCRmvyPXLZdDWho=
=2iH8
-----END PGP SIGNATURE-----



More information about the thelist mailing list