LINUX

Restrict access to a an apache directory

If you have a directory inside apache that you want to protect with a password, here is how to do :

Create a new user and set his password :


htpasswd -c /var/www/html/secret_dir/.pass_file secretuser
New password:
Re-type new password:

 

Modify your virtualhost conf file, by adding this :


<VirtualHost *:80>
    ServerName myServerName
    ServerAlias myServerName
    DocumentRoot "/var/www/html"
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
 
    <Directory "/var/www/html">
        Options Indexes FollowSymLinks MultiViews
        AllowOverride All
        Order allow,deny
        Allow from All
    </Directory>
 
    <Location /secret_dir>
        Order Allow,Deny
        Allow from all
         #### Authent for secret dir
         AuthUserFile /var/www/html/secret_dir/.pass_file
         AuthName authorization
         AuthType Basic
         require valid-user
         #### End secret authent
    </Location>
</VirtualHost>

Restart apache :


service apache2 restart

That’s it.

Leave a Reply

Your email address will not be published. Required fields are marked *