Basic Auth .htaccess 101

All these are working on Ubuntu 13.04

1. Check if apache modules are loaded:

on ubuntu this one works find:
apache2ctl -M

 auth_basic_module (shared)
 authn_file_module (shared)
 authz_default_module (shared)
 authz_groupfile_module (shared)
 authz_host_module (shared)
 authz_user_module (shared)
not all required, but my config is loading these now. auth_... and authn_... are realy required for my example, but i don't know which of those authz are required..

2. Make password file.
Be sure, that it is NOT in the PUBLIC path! DO NOT add it to your public_html or similar folder. It's unsafe.

htpasswd -c /var/srv/.htpasswd USERNAME

after this command you will have to enter password twice and your file will be ready to go. Make sure, that chmod is OK. While testing (after finnishing all steps) try to look to error.log (/var/log/apache2/error.log or some other place depends of your config).

3. Make .htaccess file

Just make this file in folder, which should be protected and add these lines:

AuthType Basic
AuthName "Authentication Required"
AuthUserFile "/var/srv/"
Require valid-user

If your settings are not working, maybe you don't have rights to make changes to Apache config? try adding this to your virtualhost:

<Directory /path/to/your/folder/where/htaccess/is>
        AllowOverride AuthConfig
5. Reload/restart apache!

service apache2 restart
/etc/init.d/apache2 restart

That's it!

No comments:

Post a Comment

You can ask IT questions in comments!