Easy Apache Basic Authentication
January 1st, 2009
This is a really handy set of instructions for when you need to restrict access to a website or a directory under a website. You will need to have access to both the Apache config for your site and the .htaccess file you need to create/modify.
1. In the httpd.conf file put the following for the domain or directory (you can have other options, this is the minimal):
2. In the root of the domain or directory put an .htaccess file with:
3. Make the password file (you will be prompted to create the password):
1. In the httpd.conf file put the following for the domain or directory (you can have other options, this is the minimal):
<Directory "/full/path/to/the/directory/to/restrict"> AllowOverride AuthConfig Order deny,allow Deny from all </Directory>
2. In the root of the domain or directory put an .htaccess file with:
AuthType Basic AuthUserFile /full/path/to/your/new/password/file AuthName "What You Want The Popup Login Window To Say" require valid-user satisfy any
3. Make the password file (you will be prompted to create the password):
/usr/local/apache/bin/htpasswd -c /full/path/to/your/new/password/file username