Creating Password Protected Directories

[ Getting Started ] [ Server Help ] [ Add on Help ] [ Solution ] [ Trouble Shooting ]

PLEASE NOTE, THIS IS VERY OLD ARCHIVE INFORMATION AND MAY NOT FUNCTION ON NEW SERVERS

[ DNS ] [ Email ] [ Server Admin ] [ Web Server ]

Creating Password Protected Directories

Your Virtual Server Apache Web Server supports user authentication. In other words, it allows you to create password protected directories on your Virtual Server web site. Let's say you want to restrict access to a the following directory to those with a valid username and password.

A very useful tool to use that can be installed for free is the
Htaccess Manager.

http://YOUR-DOMAIN.NAME/billy/

You can do this by connecting to your Virtual Server via Telnet or SSH and following the steps below.

Create a file named .htaccess in your ~/www/htdocs/billy directory that contains the following.

AuthUserFile /etc/.htpasswd
AuthGroupFile /dev/null
AuthName "Bill's Restaurant"
AuthType Basic

<Limit GET>
require user William
</Limit>

This .htaccess file will only allow one user, William, to access the directory.

NOTE: If you have a BSD/OS Virtual Server, you should not include the quotation marks around the text set as the AuthName ("Bill's Restaurant" in the example above). Your Virtual Server is likely running BSD/OS if it was ordered before Nov 23, 1999. To find out which O/S your Virtual Server is running, use the uname command:

% uname

If your Virtual Server is not already running the FreeBSD O/S, Upgrade to a New FreeBSD Virtual Server today!

The .htaccess file must reside in the ~/www/htdocs/billy directory in order to control access to the ~/www/htdocs/billy directory. You can either create the .htaccess file while connected to your Virtual Server (using a file editor like pico, for example) or you can create the file on your own PC and upload it to your Virtual Server.

Use the htpasswd command to set a password for the new user. Substitute your Virtual Server login name for LOGIN_NAME below.
```
% htpasswd -c /usr/home/LOGIN_NAME/etc/.htpasswd William
```
You are free to use a different name or directory location for the password file. Just change the /usr/home/LOGIN_NAME/etc/.htpasswd above to whatever you want.

The -c flag indicates that you are adding a user to the /etc/.htpasswd for the first time. When you add more users and passwords to the same password file, the -c flag is not necessary.
```
% htpasswd /usr/home/LOGIN_NAME/etc/.htpasswd peanuts
% htpasswd /usr/home/LOGIN_NAME/etc/.htpasswd almonds 
% htpasswd /usr/home/LOGIN_NAME/etc/.htpasswd walnuts
```

More Information

The best place to learn about user authentication is from the source (NCSA).

User Authentication Tutorial

NOTE: You should be aware of one subtle difference with the Virtual Server System. When you set up your .htaccess files, you specify the AuthUserFile or AuthGroupFile with respect to your home directory. However, when you set up your .htpasswd files with the htpasswd command you need to prepend /usr/home/LOGIN_NAME to the directory specification.

[ DNS ] [ Email ] [ Server Admin ] [ Web Server ]

PLEASE NOTE, THIS IS OLD ARCHIVE INFORMATION AND MAY NOT FUNCTION ON NEW SERVERS

Need a reliable E-commerce Solution?