Differences

This shows you the differences between two versions of the page.

Link to this comparison view

guides:how-to-set-up-htpasswd-authentication-in-apache [2016-08-12 09:45:27] (current)
rory.blanchard created
Line 1: Line 1:
 +====== How to Set Up Password Protection for Apache ======
  
 +Apache can set up password protection for directories and files using htpasswd and htaccess rules.
 +
 +===== Installing Tools =====
 +
 +The installation of the needed tools are slightly different for Debian/​Redhat based distros.
 +
 +<note warning>
 +You will need to have Apache installed to use this guide
 +</​note>​
 +
 +==== Debian/​Ubuntu ====
 +
 +Run the following command:
 +
 +<​code>​
 +sudo apt-get install apache2-utils
 +</​code>​
 +
 +==== Redhat/​CentOS ====
 +
 +Run the following command:
 +
 +<​code>​
 +sudo yum install httpd-tools
 +</​code>​
 +
 +===== Creating the Password Storage File =====
 +
 +After installing the tools to be able to create the password, we can then use the tools to be able to create it.
 +
 +<note tip>
 +You will want to keep the .htpasswd file in a secure location that is not publicly available.
 +</​note>​
 +
 +Run the following code, substituting the path with the location of your choosing and the username you would like to create the password for:
 +
 +<​code>​
 +sudo htpasswd -c /​path/​to/​directory/​.htpasswd <​username>​
 +</​code>​
 +
 +<​note>​
 +I used the -c option to create the file, for adding additional users, leave out the -c option
 +</​note>​
 +
 +After you run the command, you will receive a prompt to create the password for that user.
 +
 +===== Restricting Access =====
 +
 +Now that you've created a password file and you've added users, you need to password protect the directories of your choice.
 +
 +You will create a .htaccess file in the directory that you want to protect with the following command.
 +
 +<​code>​
 +touch .htaccess
 +</​code>​
 +
 +Once you've created the file, you will use your preferred text editor to add the following lines to the .htaccess file.
 +
 +<​code>​
 +AuthType Basic
 +AuthName "​Restricted Content"​
 +AuthUserFile /​path/​to/​directory/​.htpasswd
 +Require valid-user
 +</​code>​
 +
 +<note tip>
 +Make sure to use the same path to the file that you created earlier
 +</​note>​
 +
 +Save the file and close it, then restart your apache server to implement the change.
 +\\
 +\\
 +\\