Htaccess guide: Difference between revisions
New page: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <!-- saved from url=(0046)http://www.genome.ou.edu/secure1/htaccess.html --> <HTML><HEAD><TITLE>htaccess</TITLE> <META conten... |
No edit summary |
||
Line 62: | Line 62: | ||
<P> | <P> | ||
<HR> | <HR> | ||
<CENTER><A href="http://www.cyberport.com/~jacob/index.html">Home</A> | <CENTER><A href="http://www.cyberport.com/~jacob/index.html">Home</A> | ||
</CENTER></TD></TR></TBODY></TABLE></BODY></HTML> | </CENTER></TD></TR></TBODY></TABLE></BODY></HTML> | ||
Also make sure apache has the following loaded<br><BR> | |||
<Directory /www/jacob/secure/><br> | |||
AllowOverride AuthConfig<br> | |||
</Directory><br> |
Revision as of 11:52, 24 May 2007
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD><TITLE>htaccess</TITLE> <META content="text/html; charset=windows-1252" http-equiv=Content-Type> <META content="MSHTML 5.00.3105.105" name=GENERATOR></HEAD> <BODY aLink=teal background="" bgProperties=fixed link=maroon text=black vLink=navy>
<TBODY> </TBODY>
Password TutorialAt some point you may want to have a set of webpages that are protected, requiring a username/password to gain access to. This tutorial will show you how to set that up. This is geared towards the Unix Apache/NCSA httpd servers. If you are using another web server, you'll need to check that server's documentation to see how to do this.
Steps to Password-protect a DirectoryFirst, create a subdirectoryin your web area. For the sake of this tutorial I'm creating one beneath the toolbox directory, and naming it "secure". Set the permissions on the directory so that it's world readable/executable (so the web server can get to it), then cd into it.
Next you must create a .htaccess file inside themkdir secure chmod 755 secure cd secure directory you want protected. Make it a new file, and enter the following data. The items in bold are things you will want to change depending on the location of these files and directories on your server.
The AuthName is what the user will see whenAuthUserFile <B>/www/jacob/secure/.htpasswd</B> AuthName Toolbox Example AuthType Basic require valid-user they're prompted for a password - something to the effect of "Enter Authorization for Toolbox Example". Now you'll have to set up the password file. You'll need to use the htpasswd program. It is included with NCSA and Apache httpd servers, usually in the support subdirectory under the server root (try /usr/local/etc/httpd/support). You can also write your own program to generate encrypted passwords. You just want to have crypt(actual-password) be stored in the file. Now for every userid you want to add to the password file, enter the following. (the -c is only required the first time; it indicates that you want to create the .htpasswd file).
Be sure to chmod these files (755, or readable by thehtpasswd -c <B>/www/jacob/secure/.htpasswd</B> user1 [ you're prompted for the password for user1, note: the -c argument means to creat a new file] htpasswd <B>/www/jacob/secure/.htpasswd</B> user2 htpasswd <B>/www/jacob/secure/.htpasswd</B> user3 web server), and now you're set. Here is an <A href="http://www.genome.ou.edu/secure1/htaccess.html">example file</A> using the above code to check for security. The username is "jacob" and password is "arch". For more information and another tutorial, you may also want to consult the <A href="http://hoohoo.ncsa.uiuc.edu/docs/tutorials/user.html">NCSA Mosaic User Authentication Tutorial</A>.
|
</BODY></HTML>
Also make sure apache has the following loaded
<Directory /www/jacob/secure/>
AllowOverride AuthConfig
</Directory>