htaccess overview?

[bardley]

I need to protect certain pages in our website, and I'd like to use htaccess but have no experience with it. Could someone please give me either:

1. A short outline of the requirements and steps to take, or
2. A link to something similar?

Thanks!! Brad Gunsalus
Cymtec Systems, Inc.
bgunsalus@cymtec.com

 

[ifincham]

Hi,







At the simplest level you can use 'Basic' authentication via mod_auth reading a user/password file. You have something like this in your .htaccess :







AuthName "whatever"




AuthType Basic




AuthUserFile /var/

http://www/auth/userfile

require user user1 user2 user3







Then you create the 'userfile' above with the first user :







/usr/bin/htpasswd -c /var/

http://www/auth/userfile

user1




(it will prompt for password)







Add extra users with the same command but without the -c (create) flag :




/usr/bin/htpasswd    /var/

http://www/auth/userfile

user2




etc.







After that you should get a user/password prompt on access of the .htaccess directory. You must have valid users listed on the 'require' line as well as having them in the userauth file. You can also have group files to make it a bit easier for lots of users. See also -->

http://httpd.apache.org/docs/mod/mod_auth.html

There is also MD5 authentication and various modules allow you to use external databases for user validation - e.g. mod_auth_mysql uses mysql . If you are interested go to -->

http://modules.apache.org/search

and type mod_auth in the search box....





Hope this helps