AlpineWeb Design Home
Is there a domain name available for you?  
Search: For:   ~ Advanced Search
    Support Home > Hosting > VPS2/3 > Webserver > Configuration >

VPS v2/v3: HTTP Authentication

The VPS v2/v3 Apache Web Server supports user authentication. In other words, it allows you to create password protected directories on your Web site. For example you can restrict access to the following directory to those with a valid username and password.
http://YOUR-DOMAIN.NAME/secure/

Configuration

Connect to your VPS v2/v3 server via SSH, su to root, and run the following command:
  1. Create a file named .htaccess in the directory you want to password protect. In the example above, the .htaccess file would be created in the /www/htdocs/secure directory. We will allow one user (admin) to access the secure directory.

    You can either create the .htaccess file while connected to your server (using a file editor such as pico) or create the file on your local computer. Upload the .htaccess file to your Virtual Private Server. The file should contain the following text:
    AuthUserFile /etc/.htpasswd
    AuthGroupFile /dev/null
    AuthName "SECURE AREA NAME"
    AuthType Basic

    <Limit GET>
    require user admin
    </Limit>
  2. Replace SECURE AREA NAME and admin with the name of the secure area and the user you want to allow access to the directory. If multiple users will need access to the directory remove the require user line and replace it with the following line:
    require valid-user
    This will allow any user in your .htpasswd file to access the directory. The AuthUserFile path is the path to where the .htpasswd file is located. The .htpasswd file contains both logins and encrypted passwords for the authorized users. Use the htpasswd command to set a password for the new user. You will be prompted to enter the password after running the following command:
    # htpasswd -c /etc/.htpasswd admin
    You are free to use a different name or directory location for the password file. Just change the /etc/.htpasswd above to whatever you want. The path used to create the .htpasswd file must match the AuthUserFile path in the .htaccess file.

    The -c flag creates the .htpasswd file. Only use the -c flag the first time you add a user with the htpasswd command. When you add more users and passwords to the same password file, the -c flag is not necessary. To add more users to the /htpasswd file you would run commands similar to the following:
    # htpasswd /etc/.htpasswd john
    # htpasswd /etc/.htpasswd mike

More Information

The best place to learn about user authentication is from the source (NCSA)
NOTE: You should be aware of one subtle difference with the Virtual Private Server system. When you set up your .htaccess files, you specify the AuthUserFile or AuthGroupFile with respect to your home directory. However, when you set up your .htpasswd files with the htpasswd command you need to prepend /home/LOGIN-NAME to the directory specification.


image


image
Authorized viaVerio Reseller         Authorize.net         Miva Certified Business Partner