This page is aimed at Linux novices who want to require that web site visitors authenticate with usernames and passwords to access particular directories. Be forewarned that, using these methods, it will still be the case that any HCoop member can read your private files; this only "protects" directories accessed over the web.
Let's pretend that your username is billy and you have a website, www.billy.com. The files are in the directory /home/billy/www/billy.com/. You want to require a password for www.billy.com/private and give access to yourself and two friends, joe and mary. Here is what you must do:
- Log into the the server (Fyodor) with ssh
- Configure the web server:
At the $, type pico /etc/domains/com/billy/www and press ENTER
- Press the down arrow to go to the bottom of the file
- Type this: {{{Directory /home/billy/www/billy.com/private
BasicAuth /home/billy/www/htpasswd Billy's friends only. Require valid-user /Directory }}}
- Save the file:
- Press CTRL-X (written as ^X)
- Press Y to save changes
- Press ENTER to save over the old file
Back at the $, type domtool and hit enter. It will print out the changes that it makes to the Apache configuration file.
- Now create a new htpasswd file (HTTP password file) with the a password for billy:
At the $, type htpasswd -c /home/billy/www/htpasswd billy
- Type billy's password and hit ENTER
- Re-type the password and hit ENTER
- Now add a password for joe:
At the $, type htpasswd /home/billy/www/htpasswd joe
- Type joe's password and hit ENTER
- Re-type the password and hit ENTER
- Finally add a password for mary:
At the $, type htpasswd /home/billy/www/htpasswd mary
- Type mary's password and hit ENTER
- Re-type the password and hit ENTER
Now test it by going to www.billy.com/private in your web browser. You should get a box that says Billy's friends only. and asks for a username and password. Try billy and the password you gave to the htpasswd program. You should see the contents of /home/billy/www/billy.com/private/.
Troubleshooting: You know something is wrong if you type billy with the proper password and the login box keeps coming up. Look for errors in the Apache log file, /home/log/apache2/www.billy.com/error.log. This file may be very long, so use the tail command to view it:
At the $, type tail -f /home/log/apache2/www.billy.com/error.log and hit ENTER. This command prints out the last 10 lines in the file and then "follows" the file. Whenever a new line is written to the file, tail will print it out immediately.
- Go back to the $ by pressing CTRL-C (^C).
After using a good password, most web browsers will send that password to the site every time you go back to it. So before you can test joe's or mary's passwords, you have to make the web browser forget that you typed in billy's password. The easiest way to do this is to close the web browser. Alternatively, if you have Mozilla Firefox and the Web Developer Toolbar, then you can click the Miscellaneous button and choose Clear HTTP Authentication. After the browser has forgotten the password, go back to www.billy.com/private and try joe's password. Repeat with mary's password, too.
- That is all!