You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Mandy Singh <ma...@gmail.com> on 2007/08/07 20:57:50 UTC

[users@httpd] htaccess and htpasswd

Hello Everyone,

On my website, I have content served off webroot.

site1.example.com
site2.example.com
site3.example.com

All point to the same doc root.

I want to passwd protect site1.example.com but not the others (but they are
served off the same directory)

How can I do that using apache?

The following .htaccess file will passwd protect all the 3 sites since they
are from the same doc root.

  AuthUserFile /usr/local/web/data/users/unh/zap/pro/.htpasswd
  AuthGroupFile /dev/null
  AuthName AllowLocalAccess
  AuthType Basic
  require valid-user


Thanks,
Mandy.

Re: [users@httpd] htaccess and htpasswd

Posted by Tony Stevenson <to...@pc-tony.com>.


Mandy Singh wrote:
> Thanks Tony.
> 
> Doing the following inside the VirtualHost tag did it -
> 
> <VirtualHost 127.0.0.1:80 <http://127.0.0.1:80>>
>     ServerAdmin admin@dev.com <ma...@dev.com>
>     DocumentRoot F:\xampp-lite\xampplite\htdocs\c\trunk\app\webroot
>     ServerName dev.c.com <http://dev.c.com>
>     ErrorLog F:\xampp-lite\xampplite\apache\logs\error_log
>     CustomLog F:\xampp-lite\xampplite\apache\logs\access_log common
>     <Directory />

Mandy, just so you know, using <Directory /> applies to the root of your 
file system, i.e. /

You should consider using a <Location> stanza instead.




>       AuthType Basic
>       AuthName "Authentication Required"
>       AuthUserFile "/var/www/html/.htpasswd"
>       Require valid-user
> 
>       Order allow,deny
>       Allow from all
>     </Directory>   
> </VirtualHost>
> 
> 


--Tony

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] htaccess and htpasswd

Posted by Mandy Singh <ma...@gmail.com>.

Thanks Tony.

Doing the following inside the VirtualHost tag did it -

<VirtualHost 127.0.0.1:80>
    ServerAdmin admin@dev.com
    DocumentRoot F:\xampp-lite\xampplite\htdocs\c\trunk\app\webroot
    ServerName dev.c.com
    ErrorLog F:\xampp-lite\xampplite\apache\logs\error_log
    CustomLog F:\xampp-lite\xampplite\apache\logs\access_log common
    <Directory />
      AuthType Basic
      AuthName "Authentication Required"
      AuthUserFile "/var/www/html/.htpasswd"
      Require valid-user

      Order allow,deny
      Allow from all
    </Directory>
</VirtualHost>


On 8/9/07, Tony Stevenson <to...@pc-tony.com> wrote:
>
> Mandy Singh wrote:
> > Hi Tony,
> >
> > Yes I needed to move stuff to the httpd.conf file, but still how does
> > one do domain level password protection. Your example is directory level
> > password protection that would apply to all Virtual Hosts.
> >
> > Any idea on domain level?
> >
> In the vhost you want to 'protect' use :
>
> <Location />
> Pass Auth text in here
> </Location>
>
> This will then apply only to that vhost, and not the FS path.
>
> let me know how you get on.
>
>
> Tony
>
>
>

Re: [users@httpd] htaccess and htpasswd

Posted by Tony Stevenson <to...@pc-tony.com>.

Mandy Singh wrote:
> Hi Tony,
> 
> Yes I needed to move stuff to the httpd.conf file, but still how does 
> one do domain level password protection. Your example is directory level 
> password protection that would apply to all Virtual Hosts.
> 
> Any idea on domain level?
> 
In the vhost you want to 'protect' use :

<Location />
Pass Auth text in here
</Location>

This will then apply only to that vhost, and not the FS path.

let me know how you get on.


Tony

Re: [users@httpd] htaccess and htpasswd

Posted by Mandy Singh <ma...@gmail.com>.

Hi Tony,

Yes I needed to move stuff to the httpd.conf file, but still how does one do
domain level password protection. Your example is directory level password
protection that would apply to all Virtual Hosts.

Any idea on domain level?

Thanks.

On 8/8/07, Tony Stevenson <to...@pc-tony.com> wrote:
>
> Mandy Singh wrote:
> > Hello Everyone,
> >
> > On my website, I have content served off webroot.
> >
> > site1.example.com <http://site1.example.com>
> > site2.example.com <http://site2.example.com>
> > site3.example.com <http://site3.example.com>
> >
> > All point to the same doc root.
> >
> > I want to passwd protect site1.example.com <http://site1.example.com>
> > but not the others (but they are served off the same directory)
> >
> > How can I do that using apache?
>
> Add your config to your httpd.conf file. Try to avoid using .htaccess
> files if you can.
>
> Look at this page for an idea of how you can do this
>
> http://wiki.apache.org/httpd/PasswordBasicAuth
>
>
>
>
>

Re: [users@httpd] htaccess and htpasswd

Posted by Tony Stevenson <to...@pc-tony.com>.

Mandy Singh wrote:
> Hello Everyone,
> 
> On my website, I have content served off webroot.
> 
> site1.example.com <http://site1.example.com>
> site2.example.com <http://site2.example.com>
> site3.example.com <http://site3.example.com>
> 
> All point to the same doc root.
> 
> I want to passwd protect site1.example.com <http://site1.example.com> 
> but not the others (but they are served off the same directory)
> 
> How can I do that using apache?

Add your config to your httpd.conf file. Try to avoid using .htaccess 
files if you can.

Look at this page for an idea of how you can do this

http://wiki.apache.org/httpd/PasswordBasicAuth