The
following tutorial gives you step by step instruction
on how to password protect your website directory with
.htaccess.
There are three simple files involved: .htaccess, .htgroup
and .htpasswd all you have to do is make them and ftp
them up to your webserver. You put the .htaccess in
the directory that you want to protect the other two
files go in a directory not visible to anyone but you,
get the path right or nothing will work. If your ftp
login is elvis the path of your directory looks like
this: /home/elvis/www/index.html. Make sure you use
an ordinary text editor like windows notepad or simple
text for the Mac.
Step
1: MAKE A .htaccess FILE
It
should look like this. The first two lines tell where
.htpasswd and .htgroup are located and the third line
is the title that will be in the password box that pops
up to prompt users for their login, user-list is just
the name of the group that has access its just a generic
term.
AuthUserFile
/home/elvis/.htpasswd
AuthGroupFile /home/elvis/.htgroup
AuthName Graceland_Visitors
AuthType Basic
<Limit
GET>
require
group user-list
</Limit>
Save
this file, call it .htaccess and then ftp it up to the
directory that you want to protect.
Step
2: MAKE A .htgroup FILE
This
file tells who is in the group "user-list"
the syntax is simple user-list: with a space between
each of the user's names.
user-list:
john joe dick harry jane spot ryan manos
elvis
Save
this file, call it .htgroup and ftp it up to the /home/elvis
directory.
Step
3: MAKE A .htpasswd FILE
All
of the passwords are encrypted so you have to use a
program called htpasswd to generate them. There are
two ways to do this, one if you have a shell and know
how to use it your can telnet to inch.com, login and
do the deed from your shell account by typing: htpasswd
-c .htpasswd username to create the file and add "username"
as the first user. The program will prompt you for a
password, then verify by asking again. You will not
see the password when entering it here but it will appear
in this syntax in the .htpasswd file and your will not
have to use the -c flag when writing subsequent passwords
since that creates the file .htpasswd, you can now ftp
it up to the /home/elvis directory.
If
all this was gibberish to you proceed directly to STEP
4.
john:aRrw1zmSpdF9A
joe:xz/mhQzOO8.XI
dick:c0slBI3MevFaU
harry:KH8j2fHBVgFRU
jane:NfCH.9wsNc78I
spot:cQc9EGC.gD1Og
ryan:itlv3jZYGvj7s
manos:jEYnEJ3lX3j0Y elvis:MpU4S/Lvr8KlE
Step
4: GENERATE YOUR PASSWORDS
Do
it the easy way using the Inch Password Generator.
Go to the password generator page and use it to make
as many passwords as you need then cut and paste them
into a text file.
GO NOW
After
you've finished cutting and pasting your file should
look something like the file you see above. Now ftp
it up to the /home/elvis directory where your .htgroup
file is located. Now you can give it a try. Go to the
URL of the directory and this window should pop up:
Now if everything was done correctly then you should
be immediately authenticated and allowed to enter the
site. If it refuses you, you probably made a mistake,
most likely in the path to the .htpasswd and .htgroup
file in your .htaccess file.
If
you want to remove a user then simply use the text editor
you assembled your .ht.passwd file with to remove that
user and his password.-