Use .htpasswd

How to limit access to catalogues of a site

The most simple way it to make - to use the built - in authorization of apache web - server. For this purpose the file .htaccess c corresponding is used

Directives for apache. In the most simple case of the directive should be such:



authuserfile/polnyj_put`_k_fajlu/.htpasswd

    authgroupfile/dev/null

    authname the help

    authtype basic

    require valid-user


Authuserfile directive sets a way to a file containing names and passwords of users. He can practically have any name and settle down in any catalogue,

The main thing - that the web - server could read it , that demands installation of corresponding access rights to this file (on our server - 644). However it is traditional

Such files name .htpasswd

At such set of directives access to the catalogue will be received by all users listed in .htpasswd. To give access only to some from them, instead of require

valid-user It is necessary in .htaccess to write down require user JA»¿JA«¬_¿¼S¡_»«½ehº«ubFS½S® directive

Where spisok_imen_pol`zovatelej looks like: imja_pol`zovatelja1 imja_pol`zovatelja2 imja_pol`zovatelja3...

How to create a file .htpasswd

Though .htpasswd is usual text a file, for job with it  there is a special utility - its{her} variant for unix is called htpasswd

Htpasswd-c .htpasswd ¿¼n_»«½ehº«ubFS½n command

Will create a new file .htpasswd, will request the password for the user and will create recording about the user with the specified name and the password in this file.


How to add or change recording about the user in .htpasswd

Htpasswd ¿¼n_khb®½b ¿¼n_»«½ehº«ubFS½n command

Will request the password for the user and will create recording about the user with the specified name and the password in ukazanom a file or will change the password of the user in already

Existing recording.

How to remove recording about the user from .htpasswd

For this purpose it is enough to open .htpasswd the usual text editor, to find and remove a line beginning with imja_pol`zovatelja:



Prompt, please, as I can create a working file .htpasswd?


Like it is clear, that the passwords corresponding to logins, are stored{kept} in these files in zakriptovannoj to the form.

Tried different utilitki for win which kriptujut passwords on it would seem to suitable circuit. But in practice passwords are not distinguished.


Than in windows to create files .htpasswd that they worked?

To create these files it is better through a script.


1. To create a file of passwords, having executed from a script the command

/usr/local/apache/bin/htpasswd-c-b passwordfile username password


Where passwordfile it, for example,/home/mydomainru/.htpasswd

usernanme and password accordingly a login name and the password


2. In a directory which you paroliruete, to create a file .htaccess



authtype basic

    authname " security system "

    authuserfile/home/mydomainru/.htpasswd


    <limit get post>

    require valid-user

    </limit>