Search:

Home | Computer | Web | Html

An article on html and related topics

For additional information and special deals related to some of the items on this article, place your cursor over the double-underlined links. All information supplied by Kontera.com

How to restrict access to a web site folder

By: Trev Wheeler

Have you ever wanted to control access to a directory or file on your website?
Well, it's actually quite simple to do this using an ".htaccess" file placed in that very directory of your website.
Currently this only works for Unix/Linux/Apache based hosts.
If you're hosting your site with a a hosting company and you have a control panel to manage your site, you most likely have a more automated method for doing this. This article will explain how to do it manually, mainly for people with 'root' access to the server.

htaccess login prompt

So what is this .htaccess file?
A description of an .htaccess file as stated on the Apache website is
.htaccess files (or "distributed configuration files") provide a way to make configuration changes on a per-directory basis.

Basically it allows you to make configuration changes to the functionality of the web server, but on a per directory basis.

OK, lets do this already.
First, login via SSH to the server hosting your website.
Change to the directory that you would like to restrict access to, or create it if it does not already exist.


In that directory we'll create the .htaccess file.
Using your favorite text editor (I like vi) create and open this file.
# vi .htaccess

*Note: Make sure you have a dot ( . ) at the beginning of the file.
That tells the webserver not to allow web browsers to simply access the file as they would any other file on your site.

Enter the following text into the file
AuthName "Authorized Users Only."
AuthType Basic
AuthUserFile /etc/httpd/conf/.htpasswd
Require user testusr

You can change"testusr" to whatever username you would like to access this directory.
What these lines basically mean is
AuthName -The title of the login box that pops up when someone attempts to access the directory
AuthType - The type of processing (authentication type) to use ('Basic' being the most common).
AuthUserFile - The location and name of the file where we will store our username/password information.
Require user - A space separated list of users to allow access to this directory (we're only allowing one user).

If you have trouble logging in you can also try using 'Require valid-user' in place of 'Require user testusr'.
This will simply allow any valid user that exists in your.htpasswd file, rather than telling it which specific users to allow.

Next, we'll create the actual user and .htpasswd file we specified in the .htaccess file.
If the .htpasswd file does not already exist in /etc/httpd/conf/ then we'll create it and add the user with
# htpasswd -c /etc/httpd/conf/.htpasswd testusr

If the file does already exist then we don't want to use the '-c' option, so use the command
# htpasswd /etc/httpd/conf/.htpasswd testusr

Either way, you will be prompted for the password twice after executing the command.
Enter the password you want to use (remember, you won't see the password you're typing).

Also, you should probably set the ownership on the .htpasswd file
# chown apache:apache /etc/httpd/conf/.htpasswd

We now have the .htaccess file set to tell Apache to restrict access, and we have the .htpasswd file in place to tell Apache about the users/passwords that exist.
Just one more thing that we need to check.

In your /etc/httpd/conf/httpd.conf file, find the line that says
AllowOverride None

This line should be somewhere underneath the <Directory "/var/www/html"> line.
Change it to
AllowOverride AuthConfig

This tells Apache to allow your website to override the global authentication settings with the settings in your .htaccess file.

Save the file and restart Apache with

/etc/init.d/httpd restart

Now, assuming that all went well you should now have a password protected directory on your website.
All that's left is to make sure you have a file in that directory and then try to access it from a web browser.

It should prompt you for a username and password.

Voila!

Article Source: http://ezine-articles-planet.com

www.howtomonster.com - How to this and How to that. Common computer technology related how tos, guides, and tutorials - www.howtomonster.com

Please Rate this Article

 

Not yet Rated

Click the XML Icon Above to Receive html Articles Via RSS!

Additional Articles From - Home | Computer | Web | Html
Authors, Sign Up for a free account or learn more.
Writers/Authors
Submission Guidelines
Member Login
Submit Articles
Most Popular Articles
Publishers
Article RSS Feeds
Terms of Service


Free Affiliate Training

Share This Page:

AddThis Feed Button

Site Information
Link to Us
About Us
Site Blog
Contact Us
Privacy Policy
Multi Site Article Search
Links Directory

AdSense Secrets

AdSense Secrets v4.0


Real Networks



First Universal Platnum $7500 Guaranteed

Is This Site Useful?

If you found this site useful, please consider buy the webmaster coffee and get a free link back to your site!

Thanks for your support!
Please Rate and Vote For Us:


Top Article Directory Sites
Article Top Sites
Sponsored by Fitness Inform

Affiliate Marketing and Article Directories Topsites
Free Web Directory List
Most Popular Sites - Website Rankings

Submission Guidelines | Contact Us | Link to Us| About Us | Links Directory

© 2008 Ezine Article Planet. All Rights Reserved.
Use of our service is protected by our Privacy Policy and Terms of Service

Powered by MyPagerank.Net

Powered by Article Dashboard