As such, recently I was discussing how I have been locking down folders, and thought everyone could benefit from what I posted.. assuming they have admin access to a linux web server.
[DRuG]NikT wrote:Hey..
the .htaccess is only part of it, if you google the same howto I did (dont have link any more), it detailed the changes you needed to make to the httpd.conf as well... here's a brief one I made..
For each directory you want to secure, you need to adjust /etc/apache2/apache2.conf
Add the following, z being the directory you want to secure.
- Code: Select all
<Directory /var/www/z>
AllowOverride All
</Directory>
Create a file in the dir you want to protect called .htaccess - the .htpasswd file can be made later in any folder you like, but it must be specified here.
- Code: Select all
AuthName "Secure Area"
AuthType Basic
AuthUserFile /home/gta/.htpasswd
require valid-user
Now the tricky bit...
To create an initial .htpasswd file, use the -c tag.
The syntax is: htpasswd passwordfilename user (add -c if you're creating the file)
- Code: Select all
# htpasswd -c /var/www/.htpasswd suroboy
New password:
Re-type new password:
Adding password for user suroboy
To create new users in the same file, simply drop the -c.
- Code: Select all
# htpasswd /var/www/html/.htpasswd guest
New password:
Re-type new password:
Adding password for user guest
That's it! Enjoy 8)
Of course, you'll need to restart apache...
- Code: Select all
# apache2ctl restart
![[DRuG] cofounder & your host](./images/ranks/site_owner.png "[DRuG] cofounder & your host")
![[DRuG] coleader](images/ranks/co-admin.png "[DRuG] coleader")
![[DRuG] member](images/ranks/global_mod.png "[DRuG] member")
![[AGS] member](images/ranks/ags.png "[AGS] member")
![]DR[ member](images/ranks/dr.png "]DR[ member")
