This doesn’t cover the basics of configuring httpd, etc. You should know how to do that! Also, this is being done on an old RHEL 4 box.
If you’re having trouble with selinux blocking CGI in weird and wonderful ways, disable it:
|
1 2 |
setsebool -P httpd_disable_trans 1 getsebool -a | grep httpd_disable_trans |
Anyway … modify /etc/httpd/conf/httpd.conf and add a <Directory> directive for the directory that you wish to protect, e.g. :
|
1 2 3 4 5 6 7 8 9 |
# sed -n '275,+7 p' /etc/httpd/conf/httpd.conf <Directory /> Options FollowSymLinks AllowOverride None AuthName "Restricted area!" AuthType Basic AuthUserFile /usr/local/etc/httpd/users require valid-user </Directory> |
It will protect all subdirectories under the directory too. You can obviously just specify a specific directory if you want, but I want to password protect the entire website.
Create a directory for your htpasswd file - do not put this under your DocumentRoot - somewhere under the ServerRoot is good, but I put it in /usr/local/etc/httpd:
|
1 2 3 |
# mkdir -p /usr/local/etc/httpd # chown apache:apache /usr/local/etc/httpd # chmod 700 /usr/local/etc/httpd |
Then create the htpasswd file and add your first user
|
1 |
# htpasswd -c /usr/local/etc/httpd/users jsmith |
|
1 |
It will then prompt for password. |
I always chown apache:apache /usr/local/etc/httpd/users and then chmod 400 /usr/local/etc/httpd/users.
The -c is not required when adding further users to the users file
|
1 |
htpasswd /usr/local/etc/httpd/users newuser |
Then, just restart httpd (only needed as we changed the httpd.conf file - you don’t need to restart httpd after just adding/deleting users with htpasswd), and browse!
|
1 |
apachectl restart |
(or service httpd restart, /etc/init.d/httpd stop && /etc/init.d/httpd start, whatever….)
Done !