Password protection on the web
If you wish, you can make password protection for your public_html directory or its subdirectory. Security is as secure as a Telnet connection: Passwords are encrypted on the network, but if they wanted enough, someone could decrypt them very easily. So it’s not a really safe system, but this level of protection is quite enough for many purposes.
.htpasswd
In the directory that you want to protect, create a password file with the following command:
htpasswd -c .htpasswd ktunnus
Command explanation
htpasswd = program for creating password
-c = to create a new password file
.htpasswd = password file name
ktunnus = username to protected site, for example Arto, Teemu etc.
The program will then ask you for a password to be created twice. Now there is an .htpasswd file in the directory to be protected. In order for the protection to work, you also need a .htaccess file. You can do it e.g. Pico.
.htaccess
.htaccess – looks like this:
AuthUserFile /home/oppilaat/00/oppilas/public_html/suojattuhakemisto/.htpasswd AuthName salasivut AuthType Basic require user teemu
Explanation
AuthUserFile = directory path of the password file (use pwd when you are in the directory you want to protect to see its full path, and add .htpasswd at the end)
AuthName = subject of password querypage
It does not work?
In case of problems, the following checklist:
- Is the directory path of the password file correctly defined?
- Is the username correct? There is a difference between big and small letters!
- Is the password correct? (Create a new user and password)
- Are the permissions for the directory and password file set correctly? (chmod 644 .ht*)