Post by Admin on Dec 24, 2014 6:00:21 GMT
We have several directories which have been restricted to some users in our company. Since they will need to authenticate before able to access the directory via web browser, I need to manage simple Apache user authentication using htpasswd.
User Authentication
To create new password protected directory under /home/website/public_html/secure1, create a new .htaccess file:
$ vim /home/website/public_html/secure1/.htaccess
And enter following line:
AuthUserFile /home/website/.htpasswd
AuthType Basic
AuthName "User Authentication"
Require valid-user
This will tell Apache to refer to .htpasswd for the user authentication data. Now let create a user to be inserted into .htpasswd file:
$ htpasswd -c /home/website/.htpasswd myfirstuser
New password:
Re-type new password:
Adding password for user myfirstuser
Format: htpasswd [options] [location of .htpasswd to be create] [username]
Now you can try to access the secure directory using website: mywebsite.com/secure1. You should able to see login box pop out asking for username and password.
To add another user:
$ htpasswd /home/website/.htpasswd myseconduser
This will insert another line into .htpasswd file. If you see the current value, it should be:
$ cat /home/website/.htpasswd
myfirstuser: Ob5Y/eFTeSXEw
myseconduser: 9oopndPXV7sdE
Group Authentication
In some cases, I need to have a group of people able to access some secure folders. Lets say we have following users:
=================================================================
USER | GROUP | DIRECTORY
=================================================================
David | IT | /home/website/public_html/secure-it
Nade | IT | /home/website/public_html/secure-it
Mike | Admin | /home/website/public_html/secure-admin
Seth | Boss | /home/website/public_html/secure-boss
=================================================================
1. Insert the users into htpasswd file. I will put this under /home/website/.htpasswd:
$ htpasswd -c /home/website/.htpasswd david
$ htpasswd /home/website/.htpasswd nade
$ htpasswd /home/website/.htpasswd mike
$ htpasswd /home/website/.htpasswd seth
2. Create a htgroup file. This will describe the group for every user. Create a new file /home/website/.htgroup and add following line. Boss group can access all secure directories and others can only access their respective directories:
it: david nade seth
admin: mike seth
boss: seth
3. Apply the access into htacess files for every directories that you want to secure.
For IT group, create new .htaccess file:
$ vim /home/website/public_html/secure-it/.htaccess
And add following line:
AuthUserFile /home/website/.htpasswd
AuthGroupFile /home/website/.htgroup
AuthName "User Authentication"
AuthType Basic
Require group it
For admin group, create new file:
$ vim /home/website/public_html/secure-admin/.htaccess
And add following line:
AuthUserFile /home/website/.htpasswd
AuthGroupFile /home/website/.htgroup
AuthName "User Authentication"
AuthType Basic
Require group admin
For Boss group, create new file:
$ vim /home/website/public_html/secure-boss/.htaccess
And add following line:
AuthUserFile /home/website/.htpasswd
AuthGroupFile /home/website/.htgroup
AuthName "User Authentication"
AuthType Basic
Require group boss
User Authentication
To create new password protected directory under /home/website/public_html/secure1, create a new .htaccess file:
$ vim /home/website/public_html/secure1/.htaccess
And enter following line:
AuthUserFile /home/website/.htpasswd
AuthType Basic
AuthName "User Authentication"
Require valid-user
This will tell Apache to refer to .htpasswd for the user authentication data. Now let create a user to be inserted into .htpasswd file:
$ htpasswd -c /home/website/.htpasswd myfirstuser
New password:
Re-type new password:
Adding password for user myfirstuser
Format: htpasswd [options] [location of .htpasswd to be create] [username]
Now you can try to access the secure directory using website: mywebsite.com/secure1. You should able to see login box pop out asking for username and password.
To add another user:
$ htpasswd /home/website/.htpasswd myseconduser
This will insert another line into .htpasswd file. If you see the current value, it should be:
$ cat /home/website/.htpasswd
myfirstuser: Ob5Y/eFTeSXEw
myseconduser: 9oopndPXV7sdE
Group Authentication
In some cases, I need to have a group of people able to access some secure folders. Lets say we have following users:
=================================================================
USER | GROUP | DIRECTORY
=================================================================
David | IT | /home/website/public_html/secure-it
Nade | IT | /home/website/public_html/secure-it
Mike | Admin | /home/website/public_html/secure-admin
Seth | Boss | /home/website/public_html/secure-boss
=================================================================
1. Insert the users into htpasswd file. I will put this under /home/website/.htpasswd:
$ htpasswd -c /home/website/.htpasswd david
$ htpasswd /home/website/.htpasswd nade
$ htpasswd /home/website/.htpasswd mike
$ htpasswd /home/website/.htpasswd seth
2. Create a htgroup file. This will describe the group for every user. Create a new file /home/website/.htgroup and add following line. Boss group can access all secure directories and others can only access their respective directories:
it: david nade seth
admin: mike seth
boss: seth
3. Apply the access into htacess files for every directories that you want to secure.
For IT group, create new .htaccess file:
$ vim /home/website/public_html/secure-it/.htaccess
And add following line:
AuthUserFile /home/website/.htpasswd
AuthGroupFile /home/website/.htgroup
AuthName "User Authentication"
AuthType Basic
Require group it
For admin group, create new file:
$ vim /home/website/public_html/secure-admin/.htaccess
And add following line:
AuthUserFile /home/website/.htpasswd
AuthGroupFile /home/website/.htgroup
AuthName "User Authentication"
AuthType Basic
Require group admin
For Boss group, create new file:
$ vim /home/website/public_html/secure-boss/.htaccess
And add following line:
AuthUserFile /home/website/.htpasswd
AuthGroupFile /home/website/.htgroup
AuthName "User Authentication"
AuthType Basic
Require group boss