Protecting files on your website from unauthorized users can be very important. Even more important is the method by which you accomplish this task. You could use PHP to listen for login authorization information on each page, but that doesn't protect your images, documents, and other media, does it? That's why I've found the
.htaccess method of protecting files and directories the most reliable. Oh, and it's easy too!Now we want to protect directory of apache name: /var/www/html/queue-stats
#vim /etc/httpd/conf/httpd.conf
add more text below:
<Directory "/var/www/html/queue-stats">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
AuthType Basic
AuthName "restricted area"
AuthUserFile /var/www/html/queue-stats/.htpasswd
require valid-user
</Directory>
Set Up the Password File .htpasswd for access directory
/var/www/html/queue-stats
- go to directory /var/www/html/queue-stats#cd /var/www/html/queue-stats
Then, type the following command:
#htpasswd -c .htpasswd your-user-name #create file .htpassword and user and password to access
If you have more than one user, you should create passwords for them as well, but using the following command for each subsequent user:
#htpasswd .htpasswd another-user-name
Since the .htpasswd file is a plain text file, with a series of user name and encrypted password pairs, you might see something like the following:
#cat /var/www/html/queue-stats/.htpasswd
sally:abcdefgHijK12 #user:sally and password are encrypted
mary:34567890LMNop
#chmod 644 .htpasswd
=============================
Related link:
-http://www.thesitewizard.com/apache/password-protect-directory.shtml
-https://www.addedbytes.com/blog/code/password-protect-a-directory-with-htaccess/#result