HTML password protecting

darin3200 · 05-04-2003, 12:52 PM

I am making my website and I want to know if there is a way to password protect an html site so everyone can see the index of the site. Then I can have a link called "darin's stuff" and if someone clicks on it they will be prompted for a password, but I of course know the password.

david_ross · 05-04-2003, 01:05 PM

Yes you can use a ".htaccess" file. To protect a directory so you can put all your files that are to be protected in that directory.

1) You will need "options AuthConfig" turned on in httpd.conf for that directory.
2) Your ".htaccess" file should be put in the directory too be protected and should look like:

Code:

AuthUserFile /path/to/.htpasswd
Authname "Darin's stuff - No unauthorised access"
Authtype Basic
require valid-user

3) Create ".htpasswd" with a username and password pair(s) like:

Code:

darin:kcYriND57b.vI

In this example the password is "password".

darin3200 · 05-04-2003, 01:25 PM

so here is my index so far

Code:

<html>
<head>
  <meta http-equiv="content-type"
 content="text/html; charset=ISO-8859-1">
  <title>index</title>
</head>
<body>
<div style="text-align: center;"><br>
<br>
<a href="1.html">darin's stuff</a><br>
<br>
<br>
<br>
</div>
</body>
</html>

and here is darin's stuff if I had my username be darin and my password test

Code:

AuthUserFile /path/to/.htpasswd
Authname "Darin's stuff - No unauthorised access"
Authtype Basic
require valid-user
darin:test
<html>
<head>
  <meta http-equiv="content-type"
 content="text/html; charset=ISO-8859-1">
  <title>1</title>
</head>
<body>
Darin's Stuff<br>
</body>
</html>

is this right???
(thanks for the quick response

)

david_ross · 05-04-2003, 01:27 PM

Not in the slightest. Did you only read every third word of post 2?

trickykid · 05-04-2003, 01:29 PM

Quote:

Originally posted by darin3200
so here is my index so far

Code:

<html> <head> <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1"> <title>index</title> </head> <body> <div style="text-align: center;"><br> <br> <a href="1.html">darin's stuff</a><br> <br> <br> <br> </div> </body> </html>

and here is darin's stuff if I had my username be darin and my password test

Code:

AuthUserFile /path/to/.htpasswd Authname "Darin's stuff - No unauthorised access" Authtype Basic require valid-user darin:test <html> <head> <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1"> <title>1</title> </head> <body> Darin's Stuff<br> </body> </html>

is this right???
(thanks for the quick response )

I don't think your quite following. The setup for htaccess doesn't take place in the actual html of the page. You need to setup your httpd.conf file with those parameters along with an actual .htpasswd file and such. You should read up on the docs for htpasswd at www.apache.org for more information.

david_ross · 05-04-2003, 01:29 PM

You need to proect a whole directory eg:
http://yoursite.com/private/

".htaccess" and ".htpasswd" are files in their own right.

darin3200 · 05-04-2003, 03:18 PM

I get it. i did a google for .htaccess and found a lot more useful stuff than when I did html passwords. I was trying to see if I could just password protect a directory and uploaded .htaccess and .htpasswd into a directory. I need to change some stuff now and I go to delete the directory that I made and gftp says I can't because it is not empty. I went into it to get rid of the .htaccess and .htpassed files but I don't see them. How do I get them off? Ahh the joys of html ineptness

david_ross · 05-04-2003, 03:22 PM

You can't see them because they are hidden (they start with a ".") You need to invoke the ls command with a "-a" argument eg:
ls -a

david_ross · 05-04-2003, 03:24 PM

Sorry - you are using gftp - you need to:
1) Open gftp
2) "FTP" menu -> "Options"
3) Check the show hidden files box.

darin3200 · 05-04-2003, 03:33 PM

Here is a screenshot of gftp. I have it selected to show hidden files but as you can see at the bottom it won't let me delete the directory I am in at the right.

david_ross · 05-04-2003, 03:43 PM

You will still need to delete the files first and I think the key to your problem can be seen in the second line of the log - it is loading the file list from cache. Try refreshing the file listing.

darin3200 · 05-04-2003, 03:50 PM

http://frontiernet.net/~darinf/snapshot2.png

david_ross · 05-04-2003, 03:55 PM

I'm not quite sure what you are showing me. There are no files there - the .htaccess file should be in the subfolder.

darin3200 · 05-04-2003, 04:00 PM

everytime I try to delete folder 2, it gives me a "directory not empty" and I can't see any folders in the directory. I put my .htaccess and .htpasswd files in there but they don't show up

Kurt Weber · 05-04-2003, 04:09 PM

Quote:

Originally posted by darin3200
everytime I try to delete folder 2, it gives me a "directory not empty" and I can't see any folders in the directory. I put my .htaccess and .htpasswd files in there but they don't show up

That's because you're ignoring what people tell you.