Next you must create a .htaccess file inside the directory you want protected. You can use either the vi or pico editors on the supported systems mentioned above or ftp the file to this directory. If you are new to unix or know little about vi then I suggest you use the pico editor or ftp the .htaccess file. The command to edit with pico is "pico .htaccess". The .htaccess file should contain the following lines. The items in bold are things you will want to change depending on the location of the AuthUserFile and content of AuthName.cd ~ric/public_html mkdir protect chmod g+r,g+x,o-r,o-x protect chgrp-www -sd protect cd protect
The AuthName is what the user will see when they're prompted for a password - something to the effect of "Enter the username for Ric's Protected files". The AuthUserFile is location of the password file and should be not accessible with a url on the server for security reasons. This is a full unix path and the permissions should be set up like the "protect" directory using the chmod and chgrp-www commands above so the only one that can read this file is the owner and the server. To get the full path of a directory, cd to that directory and enter the command "pwd" to print the working directory path.AuthUserFile /z/ric/secret/.htpasswd AuthGroupFile /dev/null AuthName "Ric's protected files" AuthType Basic <Limit GET> require valid-user </Limit>
Now you'll have to set up the password file. You'll need to use the htpasswd program. It is included with the Apache httpd server.
First cd to the directory that contains the password file. In this example the password file is called .htpasswd and is in the directory /z/ric/secret/ as indicated by the AuthUserFile file entry in the .htaccess file. For every username you want to add to the password file, enter the following. (the -c is only required the first time; it indicates that you want to create the .htpasswd file).
Again, make sure the permissions are set up like the "protect" directory using the chmod and chgrp-www commands above so the only one that can read files in the "secret" directory is the owner and the server.cd mkdir secret cd secret htpasswd -c .htpasswd pumpkin [ you're prompted for the password for pumpkin] [ if you have other users enter the following. Don't use the -c] htpasswd .htpasswd user2 htpasswd .htpasswd user3
Here is the protected page using the above setup to password protect this page. The username is "pumpkin" and password is "pie".