Brown CS: Password-Protecting Your Web Pages

Password-Protecting Your Web Pages

To password-protect a web directory, do the following:

Create a password file

	% htpasswd -c /web/cs/password/pwfile pwuser

Where pwfile is a unique filename for the pages you are protecting, and pwuser is a "web user" name for remote users to "log in" as. htpasswd will prompt for a password.

EXAMPLE:

	% htpasswd -c /web/cs/password/jsbhome jsb_visitor

If you will have many name/password pairs, you might wish to use dbmmanage instead of htpasswd, which provides more efficient password lookup on the server side.

Create an access control file in the directory you wish to protect

Create a file named .htaccess, for example:

	AuthName "Jsb's Home Page"
	AuthType Basic
	AuthUserFile /web/cs/password/jsbhome
	require user jsb_visitor

When prompted to log in, the user will see the string next to AuthName. The user must type in the name "jsb_visitor" and then the secret password.

For more details on the syntax of htaccess files, see the Apache web server documentation. (Hint: look at the Apache Directives page).

Information for:

Password-Protecting Your Web Pages

Create a password file

Create an access control file in the directory you wish to protect