Protecting access to a web page¶
This page describes how to restrict access to a web directory by using a login and password mechanism. To do this you will need to create two configuration files .htaccess and .htpasswd.
Setting up the .htaccess file¶
First of all we need to create the directory whose content we want to protect. So on the web space (/share/blanche/login/www/) we will create a new directory. Let's call it 'secret'.
cd /share/blanche/login/www/ mkdir secret
Then we have to create in this directory the file .htaccess whose content is :
<files *> deny from all AuthType Basic AuthUserFile /home/LABO/login/www/secret/.htpasswd AuthName "Acces limite" Require valid-user Satisfy any </files>
The .htaccess file indicates that access to this directory is done by means of logins+passwords defined in the .htpasswd file which is also in the same directory.
Setting up the .htpasswd file¶
Now that you know where to create the .htpasswd file, how do you create it?
To create it, you need to use the
htpasswd command available on the machines.
Go to the directory you want to protect.
If the .htpasswd file does not exist in the directory, the command to create the web access login "jean" is :
htpasswd -c .htpasswd jean
$ htpasswd -c .htpasswd jean New password : XXXXXXXX Re-type new password : XXXXXXXX Adding password for user jean
If the .htpasswd file already exists in the directory, the command to create the web access login "marc" is :
htpasswd .htpasswd marc
$ htpasswd .htpasswd marc New password : XXXXXXXX Re-type new password : XXXXXXXX Adding password for user marc
Do not use
htpasswd -c .htpasswd marc in the second case above! If you run this command, you will create a new .htpasswd file that will overwrite the previous one and the definition of the account "jean" will disappear.