Help:Htaccess

From CECS wiki
Jump to navigation Jump to search

The .htaccess file is a configuration file placed in any web directory that can control access to the web pages in that directory. It can be used to restrict access, password protect some or all of the directory, or otherwise change the webserver's behavior. The webpw script allows simplified editing and creation of this configuration file. The webpw script only handles the very most basic of the options available.

The .htaccess file in a web directory is read by the apache web server. Any apache runtime directive may be included in a user .htaccess file as long as it is in one of the following categories:

AuthConfig
Allow use of the authorization directives (AuthDBMGroupFile, AuthDBMUserFile, AuthGroupFile, AuthName, AuthType, AuthUserFile, Require, etc.).
Indexes
Allow use of the directives controlling directory indexing (AddDescription, AddIcon, AddIconByEncoding, AddIconByType, DefaultIcon, DirectoryIndex, FancyIndexing, HeaderName, IndexIgnore, IndexOptions, ReadmeName, etc.).
Limit
Allow use of the directives controlling host access (Allow, Denyand Order).

For example this htaccess file: 

AuthName SomeCourseName
AuthType basic
AuthUserFile /path/to/pass/word/file
require valid-user


would restrict access to the current directory except to listed users who supply the correct password. Italicized parts above should be replaced. The password file should be a file NOT in your web directory, for example, the file .htpasswd in your home directory. You can add or change passwords in this file with the following unix command: 

htpasswd ~/.htpasswd username

or 

htpasswd -b ~/.htpasswd username password


The first time you run this, the file must be created.

htpasswd -b -c ~/.htpasswd username password
Or
touch ~/.htpasswd

If you wanted to limit access to people from on campus or people who have a password (but not require a password for people on campus), you could use the following instead: 

allow from 132.170.0.0/16
allow from 10.0.0.0/8
deny from all
AuthType basic

AuthUserFile /path/to/password/file
AuthName some-name
require valid-user
satisfy any
Retrieved from "http://newton.i2lab.ucf.edu/w/index.php?title=Help:Htaccess&oldid=15028"