Press "Enter" to skip to content

Posts published in May 2008

How to enable .htaccess .htpasswd for Apache

How to enable .htaccess on .htpasswd for Apache.

Here are some short steps about how to password protect websites (or certain directories) using on an Apache webserver.

Note: this assumes you already have Apache installed and running correctly. This writeup is based on Slackware 12.0 & Apache 2.2.8 however the instructions should apply to any previous version of Apache or Linux/Unix builds. YMMV

First enabling .htaccess is simple. Open your active httpd.conf (mine is located @ /etc/httpd/conf/httpd.conf) in your favorite editor and look for the following lines

# First, we configure the “default” to be a very restrictive set of
# features.
#
Options FollowSymLinks
AllowOverride None

Change AllowOverride to All:
Options FollowSymLinks
AllowOverride All

Next, look for:

#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be “All”, “None”, or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None

Change this to:

AllowOverride All

Restart apache:

[root@server]# /usr/bin/apachectl restart

As simple as that .htaccess is now enabled for your server.

Now lets enable it for the directory/site you wish to protect.

Shell in and navigate to the web directory that you wish to protect

[rss@server]$ cd public_html/protected
[rss@server protected]$

Find out your directory path:

[rss@server protected]$ pwd
/home/rss/public_html/protected

Create the .htpasswd file

[rss@server protected]$ htpasswd -mc .htpasswd noob
New password:
Re-type new password:
Adding password for user noob
[rss@server protected]$

Create an .htaccess file

[rss@server protected]$ touch .htaccess

Add the following lines to .htaccess using your favorite text editor
Note: You must change the bolded entries to your own settings

AuthType Basic
AuthUserFile /home/rss/public_html/protected/.htpasswd
AuthGroupFile /dev/null
AuthName “Protected Area”
require valid-user

Save the file and exit to console.

Check permissions
Note: Make sure the permissions are set correctly on the .htaccess and .htpasswd files

[rss@server protected]$ ls -al .ht*
-rw-r–r– 1 rss public 129 Apr 30 00:19 .htaccess
-rw-r–r– 1 rss public 19 Apr 30 00:23 .htpasswd
[rss@server protected]$

If for some reason the permissions are not set correctly, chmod them (644)

[rss@server protected]$ chmod 644 .ht*

Add more users to the password file
Note: If you want to add more users to access the directory, use the htpasswd command:

[rss@server protected]$ htpasswd -m .htpasswd newuser
New password:
Re-type new password:
Adding password for user newuser

That’s really all there is to it.. I would recommend not storing the .htpasswd file in the directory that it’s protecting (or even in a directory that is being served). Move the .htpasswd file to another location and change the AuthUserFile line within the .htaccess file to match the new location.

Listing installed Perl Modules

Simple one line command for listing all installed Perl modules

[code]
perl -MExtUtils::Installed -e’my $inst = ExtUtils::Installed->new(); print $_, $/ for $inst->modules’
[/code]