QUESTION: How does .htpasswd work? Restricting access to a directory...
ANSWER: The quickest, easiest way to restrict access using one username and password requires you to write two text files. The first one is called ".htaccess" and is placed in the directory you wish to restrict.
For example, the files I'm protecting above are in /somedir/magazine/tech/articles/a01/, so in that directory I have a file named .htaccess that looks like:
AuthUserFile /someotherdir/.htpasswd
AuthGroupFile /dev/null
AuthName "My Dog Did A Meep On The Rug"
AuthType Basic
require user Xena
The bottom three lines indicate that only Xena, my dream warrior of love, can access the directory this file is in. The top line contains the location of the password for Xena (/someotherdir/.htpasswd). The AuthGroupFile line is used when you want to have multiple usernames. In this case, there is only one user name, so we point this line to the UNIX black hole of nothingness, /dev/null. The third line is the title of the authentication message box that pops up, while the fourth line indicates that this uses Basic authentication. There are other types, but this is the easiest (and least secure...).
The second file written for this example is one line...but oh what a line. The file is called ".htpasswd", and its location is described in the first line of ".htaccess".
/someotherdir/.htpasswd looks like:
Xena:p,/gLB5VOKSjU
To the left of the colon is Xena, my dream warrior of love. To the right is what happens to the word "warrior" after you munge it through the UNIX function crypt. The easiest way to make this file is to bribe your sysadmin into getting the program "htpasswd". It is sometimes included with the web server, so she might not have to look far.
If you do have access to "htpasswd", then the above file would be created like this:
htpasswd -c /someotherdir/.htpasswd Xena
You would be asked to type in the password, the appropriate file would be made, and you can put "Web Security Expert" in your resumé. Just kidding...you can only put "Web Security Technician".
Unfortunately, my sysadmin doesn't listen to me, mainly because he is jealous of my good looks. So I used Perl's crypt function:
perl -e 'print crypt("warrior",",9r-jdQI8,.")'
You can insert whatever random junk you want as the second argument for the crypt function. Crypt uses it to help munge up the first argument. There are a zillion ways to do it...just ask the nearest person who has that permanent "computer dork" slouch. Anyway, place the output to the right of the colon next to your username, and you are done. You may now put "Perl Encryption Programming Expert" in your resumé.
But I want multiple usernames...
OK, change the ".htaccess" file so it looks like:
AuthUserFile /someotherdir/.htpasswd
AuthGroupFile /someotherdir/.htgroup
AuthName "My Dog Did A Meep On The Rug"
AuthType Basic
require group allowed
See how "AuthGroupFile" points to a file, instead of the black hole /dev/null? Also, the "require" line names a group name ("allowed") instead of a single user name ("Xena", dream warrior of love).
Next, make the ".htgroup" file mentioned above:
allowed: Xena Herc bob obiwan
If you guessed that only the usernames "Xena", "Herc", "bob", and "obiwan" would be allowed access, you are correct and can put "Mensa-qualified" on your resumé.
Finally, add the passwords to the ".htpasswd" file. If you are using the "htpasswd" program, you don't have to put the "-c" if the file already exists. The "-c" stands for "create the file".
Hence, you might execute the following commands:
htpasswd -c /someotherdir/.htpasswd Xena
htpasswd /someotherdir/.htpasswd Herc
htpasswd /someotherdir/.htpasswd bob
htpasswd /someotherdir/.htpasswd obiwan
Or you could manually munge the passwords and create the file so it looks like:
Xena:w93,voe9tkhlT
Herc:Nf04kOPl2kf14
bob:BiIEjg8y75JFD
obiwan:NBuY64rNDczGM
Remember:
- Make the .htaccess file
- Make the .htgroup file if necessary
- Make the .htpasswd file
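The 13-character values above are traditional crypt() output, which uses only the first eight characters of the password. The following is an added example, not part of the original FAQ: a small audit that reads a ".htpasswd" file and reports which hashing scheme each entry uses, so old crypt-style entries can be found and re-created. The usernames "gabrielle" and "iolaus", the placeholder hash strings and the function names are assumptions made for illustration.

```python
import re

# Order matters: prefixed schemes first, the 13-character crypt(3) shape last.
SCHEMES = [
    ("bcrypt", re.compile(r"\$2[aby]\$\d\d\$.{53}")),
    ("apr1-md5", re.compile(r"\$apr1\$[^$]{1,8}\$.{22}")),
    ("sha2-crypt", re.compile(r"\$[56]\$.+")),
    ("sha1-unsalted", re.compile(r"\{SHA\}[A-Za-z0-9+/]{27}=")),
    ("des-crypt", re.compile(r"[!-~]{13}")),  # heuristic: length only
]
# Schemes an audit should flag for re-hashing.
WEAK = {"des-crypt", "sha1-unsalted", "unknown-or-plaintext"}


def classify(hash_field):
    """Name the scheme from the shape of the text after the colon."""
    for name, pattern in SCHEMES:
        if pattern.fullmatch(hash_field):
            return name
    return "unknown-or-plaintext"


def audit(text):
    """Return (line_no, user, scheme, flagged) per entry; repeats are flagged too."""
    seen, findings = set(), []
    for line_no, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        user, sep, hash_field = line.partition(":")
        if not sep or not user:
            findings.append((line_no, None, "malformed", True))
            continue
        scheme = classify(hash_field)
        flagged = scheme in WEAK or user in seen
        if user in seen:
            scheme += "+duplicate-user"
        seen.add(user)
        findings.append((line_no, user, scheme, flagged))
    return findings


# Constructed sample: the page's four entries plus shape-only placeholders
# (not real hashes) and a repeated user with a plain-text value.
SAMPLE = "\n".join([
    "Xena:w93,voe9tkhlT", "Herc:Nf04kOPl2kf14", "bob:BiIEjg8y75JFD",
    "obiwan:NBuY64rNDczGM", "gabrielle:$2y$05$" + "A" * 53,
    "iolaus:{SHA}" + "A" * 27 + "=", "Xena:hunter2",
])

if __name__ == "__main__":
    for line_no, user, scheme, flagged in audit(SAMPLE):
        print(f"line {line_no}: {user!s:10} {scheme:36} {'FLAG' if flagged else 'ok'}")
```

The crypt check matches on length alone, so a 13-character plain-text value is also reported as "des-crypt"; either way the entry is flagged.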