If we don't have the answer
to your webhosting issue posted on the site,
and you need immediate assistance regarding
a webhosting related issue, please call us at
the applicable number below, and we will do
our best to help you out...
Office Hours Support: (513)
579.1990
After Hours Support: (513)
658.2258
Let us manage and maintain your key
business servers...that's our core business,
not yours.
How can I password protect information on my website?
1.
This page describes how to use htaccess to password protect your site or parts of your site.
Protection is implemented on a folder (directory) basis; all the files in a protected directory
are inaccessible unless a password challenge is met.
2.
If you need this feature, but don't anticipate needing it again for a long time
(and the following description doesn't make sense to you), call us. We can help.
This document
describes the steps to establish or change the Web directory
password. Web pages can be protected by password if
an additional system-file is placed in the directory that holds the
pages to be protected. The Web directory password
can be the same as the server-account password (not recommended),
but it must be maintained separately and manually. Once the specially
named file (.htaccess) is in place to protect the directory, anyone
trying to access the web pages in this directory from a web browser
will be asked for an account name and password
STEP 1.
Using
telnet, login to the server account, using the current UNIX server-account
password
System
Shows
You
Type
$
login
myaccount [Enter-key]
(lowercase)
Password:
******* [Enter-key]
(sample response)
Last login: Thu
Sep 3 10:46:18 from 208.16.129.74
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 2.2.2-RELEASE (VCIP) #0: Thu Jun 19 16:46:37 EDT 1997
STEP
2.
Confirm
you are in the right directory location.
$
ls -ls [Enter-key]
(lowercase "L")
(sample response)
2
drwxrwx---
2
myaccount
myaccount
512
Aug19 13:37
Mail
2
drwxrwx---
2
myaccount
myaccount
512
Sep3 08:52
cgi-bin
0
lrwxrwxrwx
1
root
myaccount
10
Aug19 13:37
logs
2
drwxrwx---
2
myaccount
myaccount
512
Jul6 1996
mailback
2
drwxrwx---
15
myaccount
myaccount
1024
Sep3 08:58
www
$ cd
www [Enter-key]
change to www directory
(sample response)
2
drwxrwx---
2
myaccount
myaccount
512
Aug19 13:37
pics
2
drwxrwx---
2
myaccount
myaccount
512
Jul6 1996
other-directories
2
-rw-rw----
1
myaccount
myaccount
94
Sep3 10:44
admin
2
drwxrwx---
15
myaccount
myaccount
1024
Sep3 08:58
other-files
$ cd
admin [Enter-key]
change to admin directory,or whichever directory you want to protect.
(sample response)
2
drwxrwx---
15
myaccount
myaccount
1024
Sep3 08:58
other-files
STEP
3.
Create
a file ".htaccess" to enable password protection and synchronization
to the UNIX account passwords. Or, edit the existing file.
Type
This
Comments
vi .htaccess
[Enter-key]
(start
editor) (note leading period)
[escape-key]
(put
editor in command mode)
i
(put
editor in insert mode)(then type)
AuthName
"By Secret Password Only!"
replace
the text "By Secret Password Only" with any descriptive
text that you want displayed when the system prompts the user for user
id and password. This text must be inside quotes.
Use
the ".htpasswd" command to create username and encrypted-password
pairs.
Type This
Comments
$
cd /home/myaccount
[Enter-key]
change to directory above www directory
replace myaccount
with your UNIX directory name. Note that this is not the name of the directory
you are trying to protect.
htpasswd
execute
this command once for each username and password combination
Usage: htpasswd
[-c] passwordfile username
The -c flag creates
a new file if needed.
Example:
htpasswd server.passwd Sulzercustomer note:
the password and username are case-sensitive.
note: server.passwd must be the same name used in the AuthUserFile
statement in the .htaccess file.
