htaccess

Use htaccess files to control who is accessing the website

  1. Create a .htaccess file in the top directory, where the wiki (or files which should not be seen by others) lies. This file has to contain the following lines (or more if you want additional functionality):<code>AuthType BasicAuthName "Service-Domain"AuthUserFile <absolute-path-to-your-user-file>Require userĀ  user1 user2</code>The first three lines are required to provide a password authentication. If you are working with usergroups you also need AuthGroupFile. The string provided for the AuthName is what will appear in the password dialog provided by most browsers. Require user is followed by a list of usernames who are allowed to have access. Working with usergroups would necessitate a Require group followed by the group name who has access.
  2. Now you need a .htusers file where you store the password for each user. This file should lie somewhere outside of the web project but in most cases this is not possible. It is a good idea to put it in a private folder where it cannot easily be mixed up with other files. This file has to look like this:<code>user1:INeRD/cUQIFP6user2:INUnlKdkNZ6RQuser3:IN20ffIEEV1H6</code>The passwords are encrypted, only with Windows platforms plain passwords are allowed. Encrypted passwords can be created with htpasswd for instance.
  3. As soon as you have saved your files it is only possible to have access to the website/files it you have the right passwords for user1 and user2.

Taggings:

Subscribe to htaccess