Linux Help
guides forums blogs
Home Desktops Distributions ISO Images Logos Newbies Reviews Software Support & Resources Linuxhelp Wiki

Welcome Guest ( Log In | Register )

Advanced DNS Management
New ZoneEdit. New Managment.


Sign Up Now
Reply to this topicStart new topic
> .htaccess Protection, How to setup .htaccess
post May 27 2005, 10:40 PM
Post #1

Whats this Lie-nix Thing?

Group: Members
Posts: 1
Joined: 27-May 05
Member No.: 5,049

I have found the below help file
Setting Up htaccess by Joey.
Created on September 19th, 2003.
Last updated on September 19th, 2003.

htaccess can be used in co-ordination with the Apache web server to password protect certain files and directories on your web server.

This document assumes that you have Apache already set up and running correctly. If this is not the case please visit for help with installing and configuring Apache.

For my own sanity I'm going to assume that you followed the Apache Setup Guide on our site and that you have apache installed at /usr/local/apache and your HTML documents are located in /usr/local/apache/htdocs. Now let's say you have a directory called admin in /usr/local/apache/htdocs and you would like to password protect it and give certain users access. The first thing you need to do is open up your httpd.conf file and find the section that looks similar to this:

<Directory />
Options FollowSymLinks
AllowOverride None

Once you've found the similar lines in your httpd.conf you can add the following section underneath it:

<Directory "/usr/local/apache/htdocs/admin">
AllowOverride AuthConfig
Options Indexes FollowSymLinks Includes
Order allow,deny
Allow from all

Once you've added the new section, save the httpd.conf file and restart apache. You can normally do this by running killall -HUP httpd as root. Now that the admin directory is properly configured for htaccess you'll need to set up the .htaccess and .htpassword files.

Change into the directory you want to protect (for this guide we are using /usr/local/apache/htdocs/admin) and create a file called .htaccess. To do this you can run touch .htaccess in the directory. Now open up the file with a text editor (nano, pico, vi, joe etc) and enter in the following lines:

AuthUserFile /usr/local/apache/htdocs/admin/.htpasswd
AuthName "Authorization Required"
AuthType Basic
require valid-user

The AuthUserFile directive containts the path to the password file that users will be authenticated against.

AuthName is the message that will appear on the login prompt. The default is Authorization Required but you can change this to whatever you like.

AuthType selects the type of user authentication that will be used. You can leave this as Basic

require let's all the valid users in the .htpasswd file access the directory.

Once your .htaccess file is set up, save and exit the file. You must now create the .htpasswd file. To do this you can use the htpasswd program that comes Apache. If you followed the Apache Guide, htpasswd should be located in /usr/local/apache/bin. If not you can run updatedb as root and then type locate htpasswd to find it.

To create the initial .htpasswd file you must use the -c flag. As root run:

htpasswd -c /usr/local/apache/htdocs/admin/.htpasswd username

Don't forget to change the directory .htpasswd will be located in. The above is set up for securing /usr/local/apache/htdocs/admin. As well change username to whatever username you want to use to log in. It will then prompt you for a password. The next time you add a user you can drop the -c flag since it is only used for the inital creation of the file.

If you haven't already restarted your Apache web server now is the time to do so. Once that has been taken care of, open up a web browser and try to access and see if it prompts you for a password. If something goes wrong check the Apache error log file.

Having trouble? Got questions? Require further assistance? If so please feel free to visit our Help Forums and ask the experts!


I have follow all the way that the above help, and found that my apache server run ok, I can create username & passwd by the way its mension, I can find .htaccess & .htpasswd files in my dircetory

when the first time I point to
(my DocumentRoot is "/var/www")
it prompted me to key in username & password as normal. but after I have keyin & press ok
the browser gave me "Internal server error"

I look for the error.log in apache, It told me "Permission deined,......exec of /var/www/cgi-bin/test/index.php failed" , "Permature end of script headers /var/www/cgi-bin/test/index.php"

any one could tell me whats happenning?


Go to the top of the page
+Quote Post
post May 28 2005, 06:12 AM
Post #2

Its GNU/

Group: Support Specialist
Posts: 1,284
Joined: 14-November 04
From: Southampton, Hampshire
Member No.: 4,165

Sounds like maybe the permissions on the file are not letting Apache read it.

Make sure that either, Apache (httpd?) is the file's owner, or that the file is world-readable.

Is PHP installed as a CGI? if not, it's probably best to keep PHP scripts outside the cgi-bin


Fixed your problem? Let us know! Online Event Management
Go to the top of the page
+Quote Post
cagey cretin
post May 29 2005, 05:51 PM
Post #3


Group: Members
Posts: 96
Joined: 9-September 03
Member No.: 1,413

I still have Joey's tutorial for this; I found it very clear and helpful.

Are you sure you have the correct path to cgi-bin in httpd.conf?
Go to the top of the page
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:


RSS Lo-Fi Version Time is now: 16th July 2018 - 03:38 PM