Apache:htaccess

From DiLab
Jump to: navigation, search

Create the new directory.
Make sure the permissions prohibit public access, except by the webserver.

cd ~/public_html
mkdir mysecretdir
chmod g+rx,o-rx mysecretdir
chgrp www-data mysecretdir
cd mysecretdir


Create the .htaccess file with the following content (edit as appropriate).
Use 'Allow from your.domain.name' to restrict access from the local users only.

AuthName "Password Required"
AuthUserFile /home/.../public_html/mysecretdir/.htpasswd
AuthType basic
Require valid-user
Order deny,allow
Deny from all
Allow from your.domain.name
Satisfy Any

<Files .htaccess>
order allow,deny
deny from all
</Files>


Create the .htpasswd file and users. The htpasswd programm will ask for the new passwords.
Use -c switch only for the first user.

htpasswd -c .htpasswd myuser1
htpasswd .htpasswd user2
htpasswd .htpasswd user3