.htpasswd Generation & Policy

From Metro Studios Knowledgebase

Jump to: navigation, search

On most of our servers we have at least one Apache .htaccess/.htpasswd setup for basic user validation. We use this for anything ranging from simple client authentication to locking down web server administration portals - most commonly on the slices.

First step is to add (or append) the .htaccess document within the root of the directory you wish to password protect. It will look similar to the following:

AuthUserFile /var/www/vhosts/dev1.metro-studios.com/private/.htpasswd
AuthGroupFile /dev/null
AuthName "Metro Development"
AuthType Basic
require valid-user

The second step is to run the htpasswd command within the directory specified with the "AuthUserFile" configuration option. If a .htpasswd file does not exist use the -c flag to create it.

Apache htpasswd Documentation

Personal tools
Wiki Navigation