Syed Jahanzaib Personal Blog to Share Knowledge !

November 5, 2011

Howto Protect a web folder on APACHE with Password

Filed under: Linux Related — Tags: , , , , , — Syed Jahanzaib / Pinochio~:) @ 12:19 PM

Protecting your private web folders is important to keep your file privates from unauthorized users. There are many ways you can password protect directories under Apache web server.

In order to create apache password protected directories you need to set follwing:

  • Password file (must be placed in a folder which must not be accessible via oute rworld.
  • And Directory name which you would like to password protect (/var/www/html/mrtg) (Example)

One of the simplest is to add the following to your Apache config file:

<Directory "/var/www/html/mrtg">
AuthType Basic
AuthName "My Personnel Folder - Not for General Public"
AuthUserFile "/var/www/htpasswd"
Require valid-user
</Directory>

Then create the htpasswdfile, and add at least one user to it (as root):

htpasswd -c /var/www/htpasswd username
It will ask for password, just add your desired one. This file should be outside of the directories available from the web.
More info can be found at http://www.cyberciti.biz/faq/howto-setup-apache-password-protect-directory-with-htaccess-file/

%d bloggers like this: