Password-protect your site
Again, this has been done -- better -- by others. But I've recently been asked by the head of our IT division to put up the statistics on internet usage as generated by SARG in a protected directory on the website, and I have to do some quick-and-dirty stuff. This is for *my* documentation purposes only. YMMV.
For multiple users:
- Create the directory, e.g.
/var/www/html/reports. - In
httpd.conf, add the following directives:Alias /reports /var/www/html/reports
<Directory /var/www/html/reports>
AllowOverride All
DirectoryIndex index.html
</Directory>
This lets the local.htaccessto override the global directives. - Inside the
/var/www/html/reports, create a.htaccessfile with the following directives:AuthName "Internet Access Statistics"
AuthType Basic
AuthUserFile /var/www/secret/.htpasswd
<Limit GET>
require user username
</Limit>
Make sure that the.htaccessfile is owned by the effective user and group as specified inhttpd.conf, which, in my case, wasapache.apache. Don't know the deep reason, but it worked for me; without this ownership, it didn't work. - Create the password file
/var/www/secret/.htpasswd. This, of course, assumes that/var/www/secret/exists:$ sudo `which htpasswd` -c /var/www/secret/.htpasswd username
It will ask for the password to be entered twice. Check the file to make sure the user/password combination was added. - To check if this worked, fire up your browser and point it to the protected directory. You should be prompted for a username and password.
For multiple users:
- Create a
/var/www/secret/.htgroupthat contains the list of users with access to the protected directory:groupname: user1 user2 user3 ... etc. - Modify
.htaccess, and add this:AuthGroupFile /var/www/secret/.htgroup
# Change this line accordingly:
require group groupname - Add users to
.htpasswd:
$ sudo `which htpasswd` /var/www/secret/.htpasswd user1
.
.
.
$ sudo `which htpasswd` /var/www/secret/.htpasswd user4
Comments
Post a Comment