[HOWTO] - Password protect Apache folders
- Thread starter Jadey
- Start date
uoba
Re: member
All works fine. But, can I generate two .htpasswd files in the /private/etc/httpd directory (one being .htpasswd and the other .htpasswd2 for example)?
Then, have one folder with access to one (for example: /webserver/folder) and the other accessing the other (webserver/folder2)?
I have generated the .htaccess file in folder2 (an example address) with the top line AuthUserFile /private/etc/httpd/.htpasswd2
However, it asks for the username and password when I go to /webserver/folder2/index.html in the browser, but will not allow me to log-in (wrong pass message, but's it's not the wrong pass)
Any ideas?
Then, have one folder with access to one (for example: /webserver/folder) and the other accessing the other (webserver/folder2)?
I have generated the .htaccess file in folder2 (an example address) with the top line AuthUserFile /private/etc/httpd/.htpasswd2
However, it asks for the username and password when I go to /webserver/folder2/index.html in the browser, but will not allow me to log-in (wrong pass message, but's it's not the wrong pass)
Any ideas?
owaters
Registered
Great guide/how to, works fine thanks 
Just a few questions though....
I have created 2 users using:
sudo htpasswd -c .htpasswd username
and I would like to delete one of them. How do I go about doing this?
Next question..........
Is it possible to make a certain user goto a certain directory?
For example:
I have made a directory called 'remote' in my '...WebServer/Documents/'
In there is the .htaccess file containing:
AuthUserFile /private/etc/httpd/.htpasswd
AuthGroupFile /dev/null
AuthType Basic
<Limit GET POST>
require valid-user
</Limit>
In the 'remote' directory there a directory called 'guest'
When someone goes to the 'remote' directory they will be prompted.
If I put my username and pass in I will gain access to the 'remote' directory (like it does now).
If i put the guest username and pass in I would like to be taken to the 'guest' directory in the 'remote' directory.
Is this possible? if so how do i do it?
Thanks
Just a few questions though....
I have created 2 users using:
sudo htpasswd -c .htpasswd username
and I would like to delete one of them. How do I go about doing this?
Next question..........
Is it possible to make a certain user goto a certain directory?
For example:
I have made a directory called 'remote' in my '...WebServer/Documents/'
In there is the .htaccess file containing:
AuthUserFile /private/etc/httpd/.htpasswd
AuthGroupFile /dev/null
AuthType Basic
<Limit GET POST>
require valid-user
</Limit>
In the 'remote' directory there a directory called 'guest'
When someone goes to the 'remote' directory they will be prompted.
If I put my username and pass in I will gain access to the 'remote' directory (like it does now).
If i put the guest username and pass in I would like to be taken to the 'guest' directory in the 'remote' directory.
Is this possible? if so how do i do it?
Thanks
owaters
Registered
Hi,
Just had to reinstall my system, therefore having to set all this up again.
I have a problem this time though.
I have followed the tutorial about creating a symbolic link and having it protected.
I have created a symbolic link from
/Library/WebServer/Documents/music
to
/Users/oz/Music/iTunes/iTunes\ Music/
but now when I goto that directory I get a page with:
Forbidden
You don't have permission to access /music/ on this server
Can anyone help?
I have added the line in httpd.conf, which now looks like:
Just had to reinstall my system, therefore having to set all this up again.
I have a problem this time though.
I have followed the tutorial about creating a symbolic link and having it protected.
I have created a symbolic link from
/Library/WebServer/Documents/music
to
/Users/oz/Music/iTunes/iTunes\ Music/
but now when I goto that directory I get a page with:
Forbidden
You don't have permission to access /music/ on this server
Can anyone help?
I have added the line in httpd.conf, which now looks like:
Is that right?
hazmat
Rusher of Din
Well either make sure that the permissions on the path to '/Users/oz/Music/iTunes/iTunes Music' is publicly accessible, or better yet, IMO, instead of a sym link use the Alias directive in httpd.conf. Sym links for a web server are a funny thing.
Alias /music '/Users/oz/Music/iTunes/iTunes Music'
That should work.
Alias /music '/Users/oz/Music/iTunes/iTunes Music'
That should work.
setho
Registered
I've followed the directions given by Jadey above, and restarted Apache, but when I view the directory I've protected, there's no request for a username/password.
I noticed the following things (which may be quirks of my server installation or perhaps changes since OS X Server 10.1):
Within /private/etc/httpd/httpd.conf, the "AllowOverride None " directive was commented out, along with the entirety of the (httpd authorization?) section.
Following the instructions, I received an error when I tried to restart Apache. When I uncommented all the directives within the httpd authorization section of httpd.conf, the error did not recur and Apache restarted.
Additionally, there is a comment in the same section as follows:
#### For Mac OS X Server: Any directives in this directory block will be
#### overridden by the ones in the virtual hosts in httpd_macosxserver.conf.
Here's the setup:
Running OS X Server 10.2 on a G4 (not an Xserve).
Trying to protect a directory within a subdomain:
http://seth.foofoofooseth.com/protect/
When I go to the protected directory, it does not prompt for a username/password.
Any suggestions?
Do I need to edit the virtual domains listed in httpd_macosxserver.conf?
Are there overriding "default" configurations in httpd.conf or httpd_macosxserver.conf which are foiling my plans?
I noticed the following things (which may be quirks of my server installation or perhaps changes since OS X Server 10.1):
Within /private/etc/httpd/httpd.conf, the "AllowOverride None " directive was commented out, along with the entirety of the (httpd authorization?) section.
Following the instructions, I received an error when I tried to restart Apache. When I uncommented all the directives within the httpd authorization section of httpd.conf, the error did not recur and Apache restarted.
Additionally, there is a comment in the same section as follows:
#### For Mac OS X Server: Any directives in this directory block will be
#### overridden by the ones in the virtual hosts in httpd_macosxserver.conf.
Here's the setup:
Running OS X Server 10.2 on a G4 (not an Xserve).
Trying to protect a directory within a subdomain:
http://seth.foofoofooseth.com/protect/
When I go to the protected directory, it does not prompt for a username/password.
Any suggestions?
Do I need to edit the virtual domains listed in httpd_macosxserver.conf?
Are there overriding "default" configurations in httpd.conf or httpd_macosxserver.conf which are foiling my plans?