HTAccess

Reprinted by permission of Matt Musselman

Table of Contents

• .htaccess: Simple Any-User Authentication
• .htaccess: Specific User or Group Authentication
• .htpasswd User Password Management
• .htgroup User Group Management

.htaccess: Simple Any-User Authentication

AuthUserFile /usr/local/htpasswd/.htpasswd AuthGroupFile /dev/null AuthName "Please enter password" AuthType Basic <Limit GET POST> require valid-user </Limit>

.htaccess: Specific User or Group Authentication

AuthUserFile /usr/local/htpasswd/.htpasswd AuthGroupFile /usr/local/htpasswd/.htgroup AuthName "Please enter password" AuthType Basic <Limit GET POST> require user joe sally bob require group admins </Limit>

.htpasswd User Password Management

While it's possible to create the .htpasswd file manually, it's usually much more convenient to manage passwords through the shell via the htpasswd command. Syntax is as follows:

1. cd to the directory in which the .htpasswd file should exist
2. type htpasswd -c .htpasswd username. This will create the new .htpasswd file and add the first username into it. It will then ask you for the password for that username.
3. Add subsequent entries by typing htpasswd .htpasswd username .
4. Your .htpasswd file will looks something like this:
   
   

   user:$1$VqLTB/..$w1WS3OUqXwOr42xTHR31e1 user2:$1$zf1Wo/..$SRY1LpMqYVCsndxlLD1Hz/

An alternate method for adding new users to the .htpasswd file is to copy the username and encrypted password directly from the /etc/passwd or shadow file into the .htpasswd file. This is useful if the user would like to use their existing shell or FTP password for web authentication as well.

.htgroup User Group Management

The format for the .htgroup file is as follows:

# Example .htgroup file group1:user1,user2,user3 group2:user2

The .htgroup file can be edited manually or be generated by a script, such as perl.