how do I poassword protect a directory on a website, Apache

bentman78 · 04-26-2004, 10:52 AM

I know how to password protect a directory on a whole website. But what do I do if I have a site line www.site.com/private .
I want to put password protection just for the "private" sub-directory and not the rest of the site. Thanks in advanced

trickykid · 04-26-2004, 11:26 AM

http://httpd.apache.org/docs/howto/htaccess.html

bentman78 · 04-26-2004, 04:38 PM

riiiiight....that still doesn't tell me how to do it for just one directory in the website. I have already looked at that document anyway. It doesn't really tell me how to do it for one directory. Can anyone give an example, I will understand it better then. In my virtual hosts section, what would I do to add basic authenication to just one directory in the website?

trickykid · 04-26-2004, 04:58 PM

Well, you place the .htaccess file in the directory you want to protect.. just take note it will ask for a username and password if that one directory has any subdirectories.. but that is what your looking for, I promise

tuxguy · 04-26-2004, 09:37 PM

1) make a .htaccess file in the dir you want to protect with the following:

Code:

AuthUserFile /path/to/dir/.htpasswd
AuthGroupFile /dev/null
AuthName "This is my server"
AuthType Basic


require user {username]

2) at the command prompt in the above dir -

htpasswd [-c] .htpasswd {username} (the -c flag creates the .htaccess file)

3) add this to your httpd.conf file and restart your server

<Directory /path/to/dir/>
AllowOverride All
</Directory>

this will give you the following output - http://kroell.homeip.net/private

bentman78 · 04-27-2004, 06:51 AM

Thanks guys. When I try thought I get error 1049 AuthUserFile not allowed here.

Also I have a wierd set up. I have a directory with a lot of files. So I want to password protect that directy. However the directory isn't on that server. here is the setup.

I have a web server running LAMP I'll call it server1.

I have another server with a lot of files, running NFS, server2.

I exported a directory called "files" in etc/files for example. in etc/exports.

I mounted server2:/etc/files in /mnt/files.

Then in the web directory I created a link called private to /mnt/files.
I did this ln-s /mnt/files /user/site/private

I did this because server2 has a ver large hard drive and I have a lot of files. It's running samba to, so I just drop files into it from my widows box and I am set.

It works great and I have no problems acces the stuff. I just want to password protect that directory. I also noticed I can't add the .htaccess file to the .private directory because it doesn't actually reside on that machine. so I added it to the root of the site ultimately and got this error.

I have apache 2 (Redhat distrubution)

bentman78 · 05-04-2004, 10:58 AM

I figured this out too. I tried putting the Authuserfile and stuff in the virtual directory containers. I guess you can't do that.

You have to put the in a directory container.

SuSE_fan · 06-01-2004, 05:34 AM

This may be a stupid mistake but, i did exactly as tuxguy told. this is from my httpd.conf file

<Directory /srv/www/htdocs/phps/secret>
AllowOverride all
</Directory>

and this is inside my /secret folder.

ErrorDocument 401 rejection.html
AuthUserFile /home/wasiq/.htpass
AuthGroupFile /dev/null
AuthName "Book-O-Rama"
AuthType Basic
Require user [username]

and this is from that .htpass file

user1: nnWZGCar5gVY2
user2: 4fQGZ/I/eE9kQ
user3: oAejr3UGjRLXw

now, i restarted my apache2 from runlevel editor of YaST but, still i can see the index.html page inside /secret folder...

ANY CLUE What did I do wrong? or What DIDN'T I do yet to make it work???????

bentman78 · 06-17-2004, 11:12 AM

ErrorDocument 401 rejection.html
AuthUserFile /home/wasiq/.htpass
AuthGroupFile /dev/null
AuthName "Book-O-Rama"
AuthType Basic
Require user [username]
the above needs to be in the directory directive.