How to use .htaccess files with Apache?

Using .htaccess files

Outside of your web directory (best in /home/httpd/ ) you need to create the file(s) (you can have more than one) that contain the user names and passwords.

Step 1:

This can be done thus: htpasswd /home/httpd/.sysinfo admin

Note the dot (.) in front of .sysinfo !!!! (that’s a hidden file in Unix)

This creates a password file with the username of admin (you’ll be prompted for a password too).

Below are the options for htpasswd (if it’s the first time you’re creating a file, you’ll need to run it with the -c (Create new file) option.

root@ftp ~# htpasswd


htpasswd [-cmdps] passwordfile username

htpasswd -b[cmdps] passwordfile username password

htpasswd -n[mdps] username

htpasswd -nb[mdps] username password

-c Create a new file.

-n Don’t update file; display results on stdout.

-m Force MD5 encryption of the password.

-d Force CRYPT encryption of the password (default).

-p Do not encrypt the password (plaintext).

-s Force SHA encryption of the password.

-b Use the password from the command line rather than prompting for it.

On Windows, TPF and NetWare systems the ‘-m’ flag is used by default.

On all other systems, the ‘-p’ flag will probably not work.

root@ftp ~#

Step 2:

In the directory you wish to protect, you need to create a file called .htaccess Again, note the dot (.) in front of it.

This file needs to have the following content:

AuthUserFile /home/httpd/.sysinfo
AuthGroupFile /dev/null
AuthName "System Information"
AuthType Basic
require valid-user

If you read it carefully, it’s self explanatory.

Step 3:

Finally, you need to edit /home/httpd/conf/httpd.conf and look for the following string; AllowOverride

It’ll probably be set to Limit or something like that.

It needs to be change to: AllowOverride AuthConfig

Restart the web server.. /etc/init.d/httpd restart or apachectl graceful

admin has written 88 articles