Controlling Access with .htaccess
(Basic Authentication)

  1. Create a hidden file named .htaccess in directory to be protected. Add the following text to the file:

    AuthUserFile <<path to text file containing usernames:passwords>>
    AuthGroupFile <<path to text file containing groups>>
    AuthName <<name of the ‘realm’ that is protected>>
    AuthType Basic require group <<some usergroup>>
    require user <<some username>> 

    An example:

    AuthUserFile /home/vogelnet/pw_files/.users
    AuthName My_Protected_Area
    AuthType Basic

    require user dvogel user1 user2

  2. Create a (hidden) file to hold the passwords (in an area that is not accessible to others or the web server).

    - Make a directory OUTSIDE the web server accessible directory structure to hold your file (for example: /home/vogelnet/pw_files)

    - Create the password file with the following command (subsequent additions to this file do not use the -c (create) attribute.):

        htpasswd -c <<passwordFilePath&Name>> <<username>>

    An example:

    htpasswd -c /home/vogelnet/pw_files/.users dvogel

    You are asked to enter a password and then to repeat it. After this is successfully completed the file created (in this case .users) looks like this (note that password after the colon and is encrypted):

    dvogel:3xaml49Qn7DV2

     

    Now add another user:

    htpasswd /home/vogelnet/pw_files/.users user1

    after successful entry of the password the file .users looks like this:

    dvogel:3xaml49Qn7DV2
    user1:wXnnNeHvIPIhI

    and so on...

  3. To give groups access to a realm, define the groups in another file similiar to the following (in this case called .group):

    file .group:

    group1:user1 user11 user111
    group2:user2 user22 user222

    Use 'require group' instead of 'require user' in the .htaccess file and add individual user passwords as per before with htpasswd.

    An example:

    AuthUserFile /home/vogelnet/pw_files/.users
    AuthGroupFile / home/vogelnet/pw_files/.group
    AuthName My_Protected_Area
    AuthType Basic

    require user dvogel user1 user2
    require group group1 group2