Step # 1: Make sure Apache is configured to use .htaccess file
Options Indexes Includes FollowSymLinks MultiViews
AllowOverride AuthConfig
Order allow,deny
Allow from all
Save the file and restart Apache
# /etc/init.d/apache-perl restart
Step # 2: Create a password file with htpasswd
htpasswd -c password-file username
Create directory outside apache document root, so that only Apache can access password file. The password-file should be placed somewhere not accessible from the web. This is so that people cannot download the password file:
# mkdir -p /home/secure/
Add new user called remote
# htpasswd -c /home/secure/apasswords remote
Now allow apache user www-data to read our password file:
# chown www-data:www-data /home/secure/apasswords
# chmod 0660 /home/secure/apasswords
Create .htaccess file using text editor:
# cd /var/www/
# vi .htaccess
Add following text:
AuthType Basic
AuthName "Restricted Access"
AuthUserFile /home/secure/apasswords
Require user remote
Save file and exit to shell prompt.
Step # 3: Test your configuration
Fire your browser type url http://ip-address/
When prompted for username and password please supply username remote and password.
Troubleshooting
If password is not accepted or if you want to troubleshoot authentication related problems, open and see apache access.log/error.log files:
# tailf -f /var/log/apache2/access.log
# tailf -f /var/log/apache2/error.log
0 comments:
Post a Comment