Password protect web directory running on Apache
1. Enable the AllowOverride to ALL for the website root directory (DocumentRoot) so the .htaccess file can override the parent configuration.
<Directory "/path/to/website/root/directory"> AllowOverride All </Directory>
2. Go to the website root directory and run the htpasswd as shown below to createt he .htpasswd file. When you enter the htpasswd commands below, it will ask you to enter a password and whatever you entered will be the password corresponding to the user john and doe accordingly.
cd /path/to/website/root/directory htpasswd -c .htpasswd john htpasswd .htpasswd doe
3. Go to the website root directory to create a file named .htaccess and put this in the file
AuthType Basic AuthName "restricted area" AuthUserFile /path/to/website/root/directory/.htpasswd
4. Restart apache
sudo service apache2 restart #ubuntu sudo /usr/sbin/apachetcl restart #mac os
Note, the .htpasswd doesn’t have to be placed in the website root folder, it can be created and placed in other directories where the apache has the read access to it, just have to make sure the AuthUserFile has the correct path to the .htpasswd file. Step 1 and step 3 can be done in the httpd.conf or virtual config file.
Search within Codexpedia
Search the entire web