W3U Customer Support
Restricting Access
to Files and Directories with HTAccess
(for Unix only)
This is the same document that you were just reading, with the exception that you are now in a different, password-protected directory. If you would like to return to that document, then click here.

This tutorial covers Basic user authentication using HTAccess. Authentication denies web access to files unless the visitor has a valid username and password. This feature allows webmasters, like yourself, to restrict access to certain directories. The usernames and encrypted passwords are kept in a webmaster-maintained file.

You will need the following basic skills:
Let's suppose you want to restrict files in a directory called turkey to username pumpkin and password pie. Here's what you do:

With any text editor (e.g. Notepad), create a file called .htaccess. The file should look like the following for your W3U Platinum hosting account:

    AuthUserFile /mnt/web/guide/w3u/turkey/.htpasswd
    AuthGroupFile /dev/null
    AuthName ByPassword
    AuthType Basic
    <Limit GET>
    require user pumpkin
    </Limit>

or your .htaccess file should look like the following for your W3U Classic or Premium hosting account:

    # Access file
    order allow,deny
    allow from all
    require valid-user
    AuthName "Turkey"
    AuthPAM_Enabled off
    AuthType Basic
    AuthUserFile /home/sites/site#/web/turkey/.htpasswd

FTP your new .htaccess file to the directory turkey on your server.

In the above .htaccess file,

AuthGroupFile: In this case there is no group file, so we specify /dev/null (the standard Unix way to say "this file doesn't exist").

AuthName can be anything you want. The AuthName field gives the Realm name for which the protection is provided. This name is usually shown when a browser prompts for a password (i.e. the Authentication Dialog Box pops up). The browser also usually uses it, together with the URL, to save the password information you enter so that it can authenticate automatically on the next attempt to enter the restricted directory.

Note: You should set this to something, otherwise it will default to ByPassword, which is both non-descriptive and too common.

AuthType should be set to

Next, create the password file, which in this case is .htpasswd. The easiest way to do this is to use the htpasswd program distributed with NCSA HTTPd. To do this, telnet into the server, and change to the turkey
directory. At the command line, type:

The format that the htpasswd program uses to create the password file is:

Next, you type the password, which in this example is pie. Again press the enter key. You will be prompted to enter the password again. If you view the resulting .htpasswd file, it should look like this:

    pumpkin:y1ia3tjWkhCK2

Important Note: be sure that the file path and the filename are the same in both the .htaccess file that you create and in the htpasswd file that you create.

That's it. Any files that you place in your turkey directory now require Basic Authentication to access.

For a demo, you can access this tutorial in a directory that I have protected with this authentication scheme. Just click here. When you try to access this directory, your browser should demand a username and password. Enter pumpkin in the username field, and pie in the password field. If you are using a browser that doesn't handle authentication, you will not be able to access the document at all.

Note, also, that the .htaccess file restricts access to any subdirectory of the directory in which the .htaccess file resides. Hence, any visitor requesting ~/turkey/nextdirectory would be presented with an authentication request, unless ~/turkey/nextdirectory had a .htaccess file of its own.

Note that to add more users in the future, use the htpasswd program again but without the -c switch. For example, htpasswd filepath/filename bob will add username "bob" to your .htpasswd file.

To delete users, open the .htpasswd file in a text editor and delete the appropriate lines.
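
An added example, not part of the original tutorial or of W3U's tooling: a small audit of the Platinum .htaccess and the .htpasswd line shown above. It flags three things visible in this setup: a require directive scoped by a Limit block (Apache applies it only to the listed methods), a password file stored inside the protected web directory, and a 13-character crypt() hash (which only uses the first 8 characters of the password). The function names and finding codes are hypothetical.

```python
import posixpath
import re

# The tutorial's Platinum .htaccess and the .htpasswd line it shows.
HTACCESS = """\
AuthUserFile /mnt/web/guide/w3u/turkey/.htpasswd
AuthGroupFile /dev/null
AuthName ByPassword
AuthType Basic
<Limit GET>
require user pumpkin
</Limit>
"""
HTPASSWD = "pumpkin:y1ia3tjWkhCK2\n"
PREFIXES = (("$2y$", "bcrypt"), ("$apr1$", "apr1-md5"), ("{SHA}", "sha1-unsalted"))

def hash_scheme(value):
    """Classify an htpasswd hash by its documented prefix, else by length."""
    for prefix, name in PREFIXES:
        if value.startswith(prefix):
            return name
    # Traditional crypt(): 2 salt characters plus 11 hash characters.
    return "des-crypt" if re.fullmatch(r"[./0-9A-Za-z]{13}", value) else "unknown"

def audit(htaccess, protected_dir, htpasswd):
    """Return (code, detail) findings for one protected directory."""
    findings = []
    limit = None  # methods of the <Limit> block we are inside, if any
    for raw in htaccess.splitlines():
        line = raw.strip()
        opened = re.fullmatch(r"<Limit\s+([^>]+)>", line, re.I)
        if opened:
            limit = opened.group(1).split()
        elif line.lower() == "</limit>":
            limit = None
        elif line.lower().startswith("require ") and limit:
            # Methods not listed in <Limit> are served without authentication.
            findings.append(("LIMIT_SCOPE", "auth only for " + ",".join(limit)))
        elif line.lower().startswith("authuserfile "):
            path = posixpath.normpath(line.split(None, 1)[1].strip('"'))
            if path.startswith(posixpath.normpath(protected_dir) + "/"):
                # Retrievable over HTTP unless the server denies .ht* files.
                findings.append(("PWFILE_IN_WEBDIR", path))
    for entry in htpasswd.splitlines():
        user, _, value = entry.partition(":")
        if hash_scheme(value) in ("des-crypt", "sha1-unsalted"):
            findings.append(("WEAK_HASH", user + " uses " + hash_scheme(value)))
    return findings
```

Calling audit(HTACCESS, "/mnt/web/guide/w3u/turkey", HTPASSWD) reports all three findings. The same directives without the Limit wrapper, an AuthUserFile outside the web directory, and a bcrypt entry (htpasswd -B) report none.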