protect web sites with a password
It is possible to protect subdirectories of public_html with a password against undesirable reading access from the web. This is, indeeed, just a weak protection, because every user with a rcs-login can read the page. But it is suitable in order to make low security data accesible for just a specific group of users.
The following example will explain the setup of a password protected directory:
Let the target directory be:
/home/fs2/v9/testuser/public_html/sec
Thus, following user information should be replaced:
- Login: testuser
- Home directory: /home/fs2/v9/testuser
- Directory to protect: sec
Create a file /home/fs2/v9/testuser/public_html/sec/.htaccess with the following content:
AuthName Test
AuthType Basic
AuthUserFile /home/fs2/v9/testuser/public_html/sec/.htpasswd
require valid-user
The file .htpasswd containing permitted users and their appropriate passwords is created as follows:
- Login as a testuser (replace testuser with your desired login) on a login server via slogin.
- Via
/usr/sbin/htpasswd2 -c /home/fs2/v9/testuser/public_html/sec/.htpasswd otto
a file will be created and the first permitted user (otto) and his password (will be requested) will be registered. - Every further user has to be registered with
/usr/sbin/htpasswd2 /home/fs2/v9/testuser/public_html/sec/.htpasswd otto1
If otto1 already exists, you can also change his password with this procedure. - Finally replace the matching files:
chmod 644 /home/fs2/v9/testuser/public_html/sec/.htpasswd
chmod 644 /home/fs2/v9/testuser/public_html/sec/.htaccess - Now, you can test the password protected access by requesting http://wwwpub.zih.tu-dresden.de/~testuser/sec/ with a browser.