NETBUYS.com
Password Tips

Password Protecting your Web Site

You can password protect directories of your web site, so only users with a username and password can access that directory and files within it.

  1. Create the directory your want to password protect (example: file_to_protect)
  2. Create a file .htaccess in that director that looks something like this:
         AuthUserFile /www/yourdomain/file_to_protect/.htpasswd
         AuthGroupFile /dev/null 
         AuthName ByPassword 
         AuthType Basic 

         <Limit GET> 
         require user myfriend 
         </Limit>
  1. Create the password file /www/yourdomain/file_to_protect/.htpasswd using the program /usr/local/bin/htpasswd
  2. To do this, log into your account via Telnet, change into the directory that you want to password protect and type: 
            htpasswd -c .htpasswd myfriend
  3. It will then ask for a password for that user.
  4. Check the password file to make sure it was added.
  5. Now try to access a file in the protected directory with Netscape or Microsoft Internet Explorer. You should now receive a window requesting a username and password.

Protection by password for multiple users

  1. Create your directory, (example: membersonly), to contain the protected files
  2. Create a file .htgroup in that directory that contains the groupname and list of users:
  3.          member-users: user1 user2 user3 ... etc
  4. Modify .htaccess in the membersonly directory so it looks something like:
  5.          AuthUserFile /www/yourdomain/membersonly/.htpasswd 
         AuthGroupFile /www/yourdomain/membersonly/.htgroup 
         AuthName ByPassword 
         AuthType Basic 

         <Limit GET> 
         require group member-users 
         </Limit>
  6. Create the password file (.htpasswd) using the program htpasswd for each user (as above in part 1) You don't need the -c option if you are using the same .htpasswd file. (-c is only to create a new file)
  7. htpasswd /www/yourdomain/membersonly/.htpasswd user1 
htpasswd /www/yourdomain/membersonly/.htpasswd user2, etc
  8. That's it...now try to access a file in the membersonly directory. You should now be presented with a window requesting a username and password.

Protect your page by Domain, Hostname, and IP address

You can setup a directory so that the files could only be view from a few select computers. For example, if you want to setup the membersonly directory so that pages can only be viewed by computers with the name richmond.home.co.uk and all the computers will the name ending co.uk Then you can use this code in the .htaccess file. 

<Limit GET>
order deny,allow
deny from all
allow from richmond.home.co.uk *.co.uk
</Limit>

For more information, please refer to the Authentication Tutorial from NCSA

BACK TO NETBUYS

email NetBuyssm.

Any Comments? Please Call: 800-634-9518

Internet Link Exchange
Member of the Internet Link Exchange

Copyright © 1997 Netbuys. All rights reserved.
Revised: October 14, 1997.