Chaitanya Lakshmi
  • About Me
  • Job Duties
  • Knowledge Blog
  • Applications
  • Contact Us
    • Linked In
    • Facebook
  • About Me
  • Job Duties
  • Knowledge Blog
  • Applications
  • Contact Us
    • Linked In
    • Facebook

how can I protect my folders and file using htaccess file?

2/27/2012

0 Comments

 
The password protection depends on two files. The first one is the .htaccess file. It tells the webserver that viewing the file and/or folder requires authorization. The second file is the .htpasswd file it stores information about the users and their passwords. Its content will look similar to the following line:

webuser:qkbPmuht5Gzgc

The first part is the username, the second part of the line after the colon symbol is the password. The password is encrypted either using a modified version of MD5 or the system crypt() function.

Creation of the .htpasswd file is usually handled by the Apache htpasswd command line utility.
In case you do not have access to it on your server, you can use the following form to generate your .htpasswd file.

It is recommended that the .htpasswd file is located in a folder that is not accessible through the web. However most servers retrict acces to these files in their setup.

Once you have the .htpasswd file ready you need to create a file named .htaccess and place it in the folder you wish to have protected. The file should have the following lines

AuthType Basic
AuthUserFile "/home/username/path_to_htpasswd/.htpasswd"
AuthName “Enter valid username and password!”
require valid-user

The line AuthUserFile tells the web server where to look for the file containing the usernames which are allowed to access the folder.

The AuthName is what is printed in the user/prompt of the visitor’s browser.

Protecting a single file is a little tricky, you will need to add some more lines to the .htaccess file. Let’s say you wish to protect a file named “my-secret-file.html”. Then you will need to following .htaccess:

AuthType Basic
AuthUserFile "/home/username/path_to_htpasswd/.htpasswd"
AuthName "Enter valid username and password!"

require valid-user

The .htaccess file should be located in the same folder where the my-secret-file.html is located.

0 Comments



Leave a Reply.

    Archives

    April 2012
    March 2012
    February 2012

    Categor

    All
    Ajax
    Api
    Cross Site Scripting
    Css
    Curl
    Design Patterns
    Drupal
    Exception Handling
    Htaccess
    Html
    Javascript
    Jquery
    Json
    Linux
    Mysql
    Oops
    Php
    Regular Expressions
    Web 2.0
    Webservices
    Wordpress
    Xhtml

    RSS Feed

Powered by Create your own unique website with customizable templates.