• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar

The Geek Diary

HowTos | Basics | Concepts

  • Solaris
    • Solaris 11
    • SVM
    • ZFS
    • Zones
    • LDOMs
    • Hardware
  • Linux
    • CentOS/RHEL 7
    • RHCSA notes
    • SuSE Linux Enterprise
    • Linux Services
  • VCS
    • VxVM
  • Interview Questions
  • oracle
    • ASM
    • mysql
    • RAC
    • oracle 12c
    • Data Guard
  • DevOps
    • Docker
    • Shell Scripting
  • Hadoop
    • Hortonworks HDP
      • HDPCA
    • Cloudera
      • CCA 131

How to protect a directory with .htaccess and htpasswd (Apache httpd)

By admin

The .htaccess file provides a way to make configuration changes on a per-directory basis. This file can contain one or more configuration directives. These directives will then be applied to the directory in which the .htaccess file exists and all its subdirectories.

Follow the steps outlined below to protect a directory with .htaccess and htpasswd. The example server used below is CentOS/RHEL.

1. Use htpasswd password utility to create username/password combinations independent of the system login password for web page access.Specify the location of the password file, and if it does not yet exist, include a -c , or create switch on the command line. Replace username with the users to be created.

# htpasswd -c /etc/httpd/conf/.htpasswd username

For adding other user do not use -c option again.

# htpasswd /etc/httpd/conf/.htpasswd username

2. Make the .htpasswd file readable by all users. Depends whether to give read access to all or not.

# chmod 644 /etc/httpd/conf/.htpasswd

3. Create a .htaccess file in the directory (e.g /var/www/html/test) to which password control has to be applied with these entries. Below is a sample .htaccess file :

# cat .htaccess
AuthUserFile /etc/httpd/conf/.htpasswd
AuthName "Restricted"
AuthType Basic
require user username

Remember this password protects the directory and all its subdirectories.
– The AuthUserFile tells Apache to use the .htpasswd file.
– The require user statement tells Apache that only user “username” in the .htpasswd file should have access. If all .htpasswd users must have access, replace this line with “require valid-user“.
– AuthType Basic instructs Apache to accept basic unencrypted passwords from the remote users Web browser.

4. Set the correct file protections on the new .htaccess file in the directory (/var/www/html/test). Give file permissions as per requirement.

# chmod 644 /var/www/html/test/.htaccess

5. Make sure /etc/httpd/conf/http.conf file has an AllowOverride statement in a directive for (/var/www/html/test).

# cat /etc/httpd/conf/http.conf
<Directory "/var/www/html/test">
   AllowOverride AuthConfig
</Directory>

6. Restart Apache.

# service httpd restart

7. Try accessing the web site http://newsite.com/test/test.html and it will prompt for a password.

Filed Under: CentOS/RHEL 6, CentOS/RHEL 7, Linux

Some more articles you might also be interested in …

  1. How to Create a Dictionary for pam_cracklib
  2. CentOS / RHEL 7 : How to add a kernel parameter only to a specific kernel
  3. How to monitor /etc/shadow and /etc/passwd file for changes with Auditd?
  4. Beginners Guide to SELinux
  5. UNIX / Linux : Examples of bash history command to repeat last commands
  6. CentOS / RHEL : How to configure vsftpd to use ports other than the default ports 20 and 21
  7. How to split iso or file using ‘split’ command in Linux
  8. CentOS / RHEL : How to install Open Virtual Machine Tools for Virtual machines Hosted on VMWare
  9. CentOS / RHEL 7 : How to open a port in the firewall with firewall-cmd?
  10. CentOS / RHEL : Resize (reduce) non-root EXT3/4 filesystem on non-LVM device (hard disk partition)

You May Also Like

Primary Sidebar

Recent Posts

  • How to disable firewalld and nftables and use iptables instead in CentOS/RHEL 8
  • How to add an Ethernet connection using nmcli in CentOS/RHEL 7
  • How to set the order to load certain modules in CentOS/RHEL 7 and 8
  • How to configure initrd / initramfs to including kernel modules in CentOS/RHEL
  • How to configure systemd.path to trigger an event when any changes made to a directory
  • Archives
  • Contact Us
  • Copyright

© 2019 · The Geek Diary