Restricting access to certain directories in Apache
Posted by peter on November 18, 2011
Setting passwords on certain directories accessed via your apache web server.
Form time to time you might want to “lock” access to parts of your web site. You can do this by using a .htaccess and a .htpasswd file. Suppose you want to block access to the “squidguardmgr” folder
Edit your etc/httpd/conf/httpd.conf file and add the following line
AccessFileName .htaccess
Create the file in the folder you want to block access to and add the following content
AuthName "Put a message in here"
AuthType Basic
AuthUserFile /var/www/passwords/.htpasswd
AuthGroupFile /dev/null
require user admin
Create a file called “/var/www/passwords/.htpasswd” as per the above file. This is where the user name and password for the “admin” user mentioned above will be stored.
Create a new user called “admin” with the following command:
htpasswd -c /var/www/passwords/.htpasswd admin
Now you need to edit the /etc/httpd/conf/httpd.conf file and tell apache to require a password for the “squidguardmgr” folder as follows:
<Directory /var/www/html/squidguardmgr>
AllowOverride ALL
</Directory>
The above changes the default “AllowOverride none” to ALL. You can copy the htaccess file into whatever folder you want to block access to
