Htaccess Authentification – how to secure your website

Home Articles Htaccess Authentification – how to secure your website
Htaccess Authentification

Htaccess Authentification can be made facil, only knowing the right steps to follow.

HTACCESS Auth – files

  1. Lets assume that you want to secure the folder www/test. Go in any FTP client and find the document .htaccess. If the file doesn’t exist, just create one. In FileZilla, right click in the folder where you want to create the file, New File and write down .htaccess. 
  2. Another file that we need to create is called .htpasswd and will contain the users and password which we will use for authentification. If you created this file also, move on to what the files must contain.

 

HTACCESS  Auth – .htaccess content

Now that we have the 2 files, is the time to create the content of them.

For the .htaccess content, you will need something like this:

AuthType Basic
AuthName "My Protected Area"
AuthUserFile /path/to/.htpasswd
Require valid-user

Lets explain it a bit:

  • The type of authentification will be basic: username and password.
  • AuthName is a name that you can choose and will be displayed in the login alert.
  • AuthUserFile is the path to .htpasswd file. How you find it? Well, we said that we will secure www/test folder. Go in that folder, and create an php file and write inside:
<?php echo getcwd(); ?>

This will output an result like: /home/www/test. This you copy in the third line of htacces, so it will look like this:

AuthUserFile /home/www/test/.htpasswd
  • The last line requires and valid user to be able to login.

HTACCESS  Auth – .htpasswd content

Now we will open the second file, the .htpasswd and we will enter there the users and passwords for each of them. Inside should look like this:

test:$apr1$uZ2obIfV$aY3NwFH66WxxRJrWf9xNe1

So, as you can see the format is the following: username:password.

Notice that the password must be encoded in MD5.

Here is a tool to help you make the content quicker. If you want to add more than 1 users with passwords, just do it like this:

test1:$apr1$uZ2obIfV$aY3NwFH66WxxRJrWf9xNe1 
test2:$apr1$uZ2obIfV$aY3NwFH66WxxRJrWf9xNe1 
test3:$apr1$uZ2obIfV$aY3NwFH66WxxRJrWf9xNe1 
test4:$apr1$uZ2obIfV$aY3NwFH66WxxRJrWf9xNe1

After you saved the files and you will try to enter in your protected folder, you will see something like this:

Htaccess Authentification dumitru alexandru

Htaccess Authentification

If you decline this box, you will get error 401 – Unauthorized!

Thats all you need to do!

You found this article useful? Write your opinion bellow!

/ PHP / MYSQL

Share the Post

Related Posts

Read More
How to setup FileZilla FTP client
Read More
Equivalence of diplomas within European Union
Read More
How to get started with WordPress – first steps
Read More
The human consciousness
Read More
Essential English for foreign students by C.E. ECKERSLEY
Read More
First steps in Phonegap – Required apps
The time is the limit
Read More
WordPress: Jetpack 403 error and firewall conflict

Comments

No comment yet.

Yanıtla

Your email address will not be published. Required fields are marked *

three + 5 =

  Atentie! Acest site foloseste cookie. Continuarea folosirii reprezinta un accept din partea dvs.