Thursday, October 25, 2007

Implement User/Password-protected Apache Directories in Windows

Note: Apache has renamed the following modules.
Authn/Authz
Some modules have been renamed and offer better support for digest authentication. For example, mod_auth is now split into mod_auth_basic and mod_authn_file; mod_auth_dbm is now called mod_authn_dbm; mod_access has been renamed mod_authz_host. There is also a new mod_authn_alias module for simplifying certain authentication configurations.

Important Notes:
I use XAMPP for all my web hosting needs, and store it in C:\xampp\
Get XAMPP from www.apachefriends.org
Make sure that the directory C:\xampp\Apache\bin is specified under the System Path variable. We will use a program named htpasswd.exe, which is located in that directory, to create a password file for the specified users.

Create the protected Directory
This section will show you how to create directory "lordmwesh" outside the Web-Server's webroot directory "C:\xampp\htdocs\" using the command prompt.

Open the Windows command-shell via Start » Run... cmd.exe

Change to the drive letter of your Web-Server Suite's root directory (this is the drive you installed the Web-Server Suite under; for this example we will use drive "C:")...

...> C:

Change to the path of your Web-Server Suite's root directory (for this example we will use path "\xampp")...

C:\...> cd \xampp

Create the directory you want to restrict access to with a user/password prompt (we will create directory named "lordmwesh")...

C:\xampp> mkdir lordmwesh

Change to your newly created directory...

C:\xampp> cd lordmwesh

Create user/password file
Continuing from the previous section, we are now ready to use htpasswd.exe to create a file named ".htpasswd": this file will contain the user names with their respective passwords (the passwords are hashed before they are placed in the file, so they are not stored in clear text).

The first command (with switch "-c", which is not repeated in the following commands) creates a file named .htpasswd under the current directory (C:\xampp\lordmwesh). The password given is hashed by the htpasswd.exe program (the "-m" switch selects Apache's MD5-based password hash). The "-b" switch makes htpasswd take the password from the command line instead of prompting for it, which leaves the password clearly visible on the command line; omit "-b" to be prompted for it instead.

User named "user1" with password "passuser1" is specified 1st...

C:\xampp\lordmwesh> htpasswd -cmb .htpasswd user1 passuser1

Add user named "user2" with password "passuser2" to the .htpasswd file...

C:\xampp\lordmwesh> htpasswd -mb .htpasswd user2 passuser2

Add user named "raila" with password "kibaki" to the .htpasswd file...

C:\xampp\lordmwesh> htpasswd -mb .htpasswd raila kibaki

Configuration -- httpd.conf
We can now edit Apache's httpd.conf file to bring everything together.

Edit file C:\xampp\apache\conf\httpd.conf

----------------------
Make sure that the following two 'LoadModule' lines are uncommented, by removing the beginning "#" character...
(These 'LoadModule' lines should already be uncommented, by default). This is for
Note that those using Apache1 and Apache2 should check for the correct module file required: Apache1 uses mod_access.so, Apache2 uses mod_authz_host.so.

# Line 1 for those using Apache1
LoadModule access_module modules/mod_access.so
# Line 1 for those using Apache2
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule alias_module modules/mod_alias.so

Uncomment the following two 'LoadModule' lines, by removing the beginning "#" character...
(The 1st line is required for directive 'AuthUserFile')
(The 2nd line is required for directive 'Options Indexes': to display the index of a directory)

LoadModule auth_module modules/mod_auth.so
LoadModule autoindex_module modules/mod_autoindex.so
----------------------

Insert code...


Order allow,deny
Deny from all


Alias /lordmwesh "/xampp/lordmwesh"


<Directory "/xampp/lordmwesh">
Order allow,deny
Allow from all

Options Indexes
AuthType Basic
AuthName "Private Access"
AuthUserFile "/xampp/lordmwesh/.htpasswd"
Require valid-user
</Directory>

Save file and Restart Apache...
(from the command prompt type the following)

> net stop Apache
> net start Apache

Test protected Directory
Access http://localhost/lordmwesh/

Enter one of the user/password combinations...
You should now see either the directory structure, or (if you have an index.html\php file under the accessed directory) your index file.

To [truly] logout as the user, you must close the browser window.

Advanced Configurations and Features
You can also grant/restrict access to the user/password protected directory with IP addresses...

Replace the original <Directory "/xampp/lordmwesh"> block with this updated version...
(or simply replace the first two lines of the original block)


<Directory "/xampp/lordmwesh">
Order deny,allow
Deny from All

Options Indexes
AuthType Basic
AuthName "Private Access"
AuthUserFile "/xampp/lordmwesh/.htpasswd"
Require valid-user
</Directory>

Below the line...

Require valid-user

...add the following code...

Allow from 127.0.0.1
Satisfy Any

...if you access the protected area from your local system (IP address -- 127.0.0.1), there will be no need to enter a user/password combination.
(Note that you can add multiple "Allow from ip-address" statements to grant access)

...by using the following code instead...

Allow from 127.0.0.1
Satisfy All

...you will have to access the protected area from your local system (IP address -- 127.0.0.1) AND will need to enter a valid user/password combination.
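
How the "Order", "Allow from"/"Deny from" and "Satisfy" lines above combine with "Require valid-user", written out as a small Python model. This is an added example, not code from the original post or from Apache; the function names are made up for illustration, and host matching is simplified to "All", single addresses and CIDR ranges.

```python
import ipaddress

def matches(rules, client_ip):
    """True if any 'Allow from' / 'Deny from' argument covers the client."""
    ip = ipaddress.ip_address(client_ip)
    for rule in rules:
        if rule.lower() == "all":
            return True
        if ip in ipaddress.ip_network(rule, strict=False):
            return True
    return False

def host_allowed(order, allow, deny, client_ip):
    """Host-based check, following the documented 'Order' semantics."""
    allowed = matches(allow, client_ip)
    denied = matches(deny, client_ip)
    if order == "allow,deny":
        # Default is deny; a Deny match overrides an Allow match.
        return allowed and not denied
    if order == "deny,allow":
        # Default is allow; an Allow match overrides a Deny match.
        return allowed or not denied
    raise ValueError("unknown Order: " + order)

def access_granted(satisfy, host_ok, user_ok):
    """Combine the host check with 'Require valid-user'."""
    if satisfy.lower() == "any":
        return host_ok or user_ok
    return host_ok and user_ok  # Satisfy All, which is also the default

def decide(satisfy, client_ip, valid_login):
    """Updated block: Order deny,allow / Deny from All / Allow from 127.0.0.1."""
    host_ok = host_allowed("deny,allow", ["127.0.0.1"], ["All"], client_ip)
    return access_granted(satisfy, host_ok, valid_login)

if __name__ == "__main__":
    # Constructed clients: the local machine and a documentation-range address.
    print("Satisfy  client  login  access")
    for satisfy in ("Any", "All"):
        for ip in ("127.0.0.1", "192.0.2.10"):
            for login in (False, True):
                print(satisfy, ip, login, decide(satisfy, ip, login))
```

With "Satisfy Any" the host check alone is sufficient, so every request Apache sees as coming from 127.0.0.1, including one relayed by a proxy running on the same machine, skips the password prompt.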

------------------
Further reading
http://httpd.apache.org/docs/2.0/programs/htpasswd.html
http://httpd.apache.org/docs/2.2/new_features_2_2.html#module
http://www.devside.net/articles/windows/password
