Using .htaccess files with Apache
Outside of your web directory (best in /home/httpd/ ) you need to create the file(s) (you can have more than one) that contain the user names and passwords.
This can be done thus: htpasswd /home/httpd/.sysinfo admin
Note the dot (.) in front of .sysinfo !!!! (that’s a hidden file in Unix)
This creates a password file with the username of admin (you’ll be prompted for a password too).
Below are the options for htpasswd (if it’s the first time you’re creating a file, you’ll need to run it with the -c (Create new file) option.
root@ftp ~# htpasswd
htpasswd [-cmdps] passwordfile username htpasswd -b[cmdps] passwordfile username password htpasswd -n[mdps] username htpasswd -nb[mdps] username password
-c Create a new file. -n Don't update file; display results on stdout. -m Force MD5 encryption of the password. -d Force CRYPT encryption of the password (default). -p Do not encrypt the password (plaintext). -s Force SHA encryption of the password. -b Use the password from the command line rather than prompting for it.
On Windows, TPF and NetWare systems the ‘-m’ flag is used by default.
On all other systems, the ‘-p’ flag will probably not work.
In the directory you wish to protect, you need to create a file called .htaccess Again, note the dot (.) in front of it.
This file needs to have the following content:
AuthUserFile /home/httpd/.sysinfo AuthGroupFile /dev/null AuthName "System Information" AuthType Basic require valid-user
If you read it carefully, it’s self explanatory.
Finally, you need to edit /home/httpd/conf/httpd.conf and look for the following string; AllowOverride
It’ll probably be set to Limit or something like that.
It needs to be change to:
Restart the web server..
/etc/init.d/httpd restart or