Howdy all, Just a random question...I want to require user authentication via .htaccess for one of my virtual websites...I noticed that there are a number of locations where htpasswd resides. One of then seems to be tied to IPSConfig...or at least it is in the "path". Does it matter which htpasswd I use? I wouldn't think so but being new to most of this I want to be sure before I do something drastic and screw everything up! Will
hey willie you could try adding something like this in your httpd.conf Code: <Directory "/your/path/to/htdocs/thedirectoryyouwanttoprotect"> AuthType Basic AuthName "Restricted" AuthUserFile /path/to/apache2/passwds/.htpasswd require valid-user </Directory> now, htaccess files are supposed to be a hit on performance of apache, because apache searches recursivly for your htacces files, using a directory directive is supposed to maintain performance. I could be a bit off on this, but thats the way i interpreted it. btw, i dont use ispconfig, so things may be a bit different, i dont know check this page out here: http://httpd.apache.org/docs/trunk/mod/core.html#directory good luck !
Hey reddog, You kinda got a little ahead of me there...but you answered my next question I think! :}) Here is the first one in more detail! In order to use the .htaccess file you have to make a .htpass file which requires the use of the htpasswd file..at least that is the way I reading things! The problem is that there are a number of htpasswd files on my system and I'm not sure if it matters which one I use to generate the .htpass file??? Now for those that are using ISPConfig, in the http.conf there is a section that includes the directory path to all the virtual websites...in the directives the statements AllowOverride None AllowOveride Indexes AuthConfig Limit FileInfo pertain to the use of .htaccess file - again this is the way I'm understanding things. I should be able to use the .htaccess file in any of the virtual web sites with no problem or is there something I'm missing! Can I use the suggestion that reddog gave or is everything all ready setup? I hate over thinking things but I really don't what to screw up the works! Will
You can use any .htpasswd file, but then of course only the users that are listed in the .htpasswd file can authenticate. For access control you can use this in your .htaccess file, for example (put in the correct path to your .htpasswd file): Code: AuthType Basic AuthName "Members Only" AuthUserFile /var/www/web1/.htpasswd <limit GET PUT POST> require valid-user </limit> You can also create a new .htpasswd file with the htpasswd tool. Have a look at Code: man htpasswd .htaccess/.htpasswd authentication is no problem with the current settings, you don't have to change anything.
