How to Protect apache directories with a password in Ubuntu

Question : How to Protect apache directories with a password in Ubuntu?apache-logo

Answer:

To  enable  this  option we  have  to use  2 terms  .htaccess  and  htpasswd

{xtypo_warning}Warning: On at least some versions of Ubuntu, .htaccess files will not work by default. See EnablingUseOfApacheHtaccessFiles for help on enabling them.{/xtypo_warning}

  • Create a file called .htaccess in the directory you want to password-protect with the follwing content:
AuthUserFile /your/path/.htpasswd
AuthName "Authorization Required"
AuthType Basic
require valid-user

Instead of valid-user, you can also add the users you want directly

  • If you want to password protect just a single file in a folder add the following lines to the .htaccess file:
<Files "mypage.html">
  Require valid-user
</Files>

Then create the file /your/path/.htpasswd which contains the users that are allowed to login and their passwords. We do that with the htpasswd command:

htpasswd -c /path/to/your/.htpasswd user1

Example:

pirat9@unixmen-laptop:/var/www$ sudo htpasswd  -c /var/www/web/.htpasswd  pirat9
Output
New password: 
Re-type new password: 
Adding password for user pirat9
pirat9@unixmen-laptop:/var/www$

You can see your  crypted  password  with

pirat9@unixmen-laptop:/var/www$ sudo more  /var/www/web/.htpasswd  
pirat9:Amt1ZMf.BqDjC
  • Finally we need to add the following lines to /etc/apache2/apache2.conf:

<Directory /your/path>
AllowOverride All
</Directory>

You have to adjust /your/path/.htpasswd

Restart your webserver:

sudo /etc/init.d/apache2 restart

Now  restart  apache  and  check

http://ip/path

Useful links: Ubuntu help