If your home directory is yourlogin, create a file named .htaccess in your web directory that contains the following:
AuthUserFile /home/yourlogin/.htpasswd
AuthGroupFile /dev/null
AuthName ByPassword
AuthType Basic
<Limit GET POST>
require user pumpkin
</Limit>
Then in your home directory, type
touch .htpasswd
to create the file .htpasswd and then
htpasswd .htpasswd pumpkin
This will enable you to secure the directory so that only user pumpkin can enter this directory.
You may well want any of the user/password combinations you created in your .htpasswd file to allow access. Just say require valid-user
instead of require user xxx in .htaccess and any of the users you created will be able to access the files.
Note that you want to store the .htpasswd file in your home directory so it is hidden from others. The one drawback to putting your .htpasswd file in your home directory is that you will have to slightly lower the security of your home directory. Go to /home and type chmod +x yourlogin. The
web server needs execute permission on to read the .htpasswd file. How do I use group access control, and why would I?
A group is a collection of users. You can set up and authorize entire groups of users, rather than laboriously adding each user to the require user line. If you want to allow any valid user (ie, one large group), simply use the require valid-user directive instead of setting up a group. If you require two or more distinct groupings of users, however (perhaps for different subdirectories or different levels of access to your site), you should use group access control.
You can create the passwd.group file with the touch command:
touch ~/passwd.group
You should not use htpasswd to manage this file. Instead, use your favorite text editor and create entries in the file that look like this:
somegroup: user1 user2 user3
anothergroup: joe harry sally
You can use as many of these lines as you like; each one creates a group of users. Users can be in more than one group (or none). Be sure to use spaces to separate users on each line, rather than commas.
To use this group file, make sure the following line appears in the .htaccess file:
AuthGroupFile /home/yourlogin/passwd.group
Next, in the <Limit> section of the .htaccess file, use a require group groupnames directive to restrict access to the groups that you specify. If you want to allow more than one group, list them on the same line, separated with spaces (not commas). |
