Progmar Marcin Załęczny


Protecting website with Apache authentication

At first we have to create a file containing users that have access granted to our service and their passwords. To do this use htpasswd programm. In Ubuntu this programm is located in apache2-utils package. In order to create .htpasswd file and add to it our first privileged user, issue shell command:

htpasswd -c .htpasswd username
Then if there is a need to add any other user just issue shell command:
htpasswd .htpasswd username2
In either of above commands htpasswd program asks for password for user being added and save it to the .htpasswd.

Now assume that our service is served from /var/www/service catalog and copy file .htpasswd to the /var/www catalog. Next add following lines to our service htaccess file (/var/www/service/.htaccess):

AuthType Basic
AuthName "Authentication Required"
AuthUserFile "/var/www/.htpasswd"
Require valid-user

From now out service is user/password protected.