Question : How to Protect apache directories with a password in Ubuntu?
Answer:
To enable this option we have to use 2 terms .htaccess and htpasswd
{xtypo_warning}Warning: On at least some versions of Ubuntu, .htaccess files will not work by default. See EnablingUseOfApacheHtaccessFiles for help on enabling them.{/xtypo_warning}
- Create a file called .htaccess in the directory you want to password-protect with the follwing content:
AuthUserFile /your/path/.htpasswd AuthName "Authorization Required" AuthType Basic require valid-user
Instead of valid-user, you can also add the users you want directly
- If you want to password protect just a single file in a folder add the following lines to the .htaccess file:
<Files "mypage.html"> Require valid-user </Files>
Then create the file /your/path/.htpasswd which contains the users that are allowed to login and their passwords. We do that with the htpasswd command:
htpasswd -c /path/to/your/.htpasswd user1
Example:
pirat9@unixmen-laptop:/var/www$ sudo htpasswd -c /var/www/web/.htpasswd pirat9
Output
New password: Re-type new password: Adding password for user pirat9 pirat9@unixmen-laptop:/var/www$
You can see your crypted password with
pirat9@unixmen-laptop:/var/www$ sudo more /var/www/web/.htpasswd pirat9:Amt1ZMf.BqDjC
- Finally we need to add the following lines to /etc/apache2/apache2.conf:
<Directory /your/path>
AllowOverride All
</Directory>
You have to adjust /your/path/.htpasswd
Restart your webserver:
sudo /etc/init.d/apache2 restart
Now restart apache and check
http://ip/path
Useful links: Ubuntu help
