HTTP Authentication

Support

HTTP Authentication
Your Virtual Private Server Apache Web Server supports user authentication. In other words, it allows you to create password protected directories on your Virtual Private Server web site. Let's say you want to restrict access to a the following directory to those with a valid username and password.

http://YOUR-DOMAIN.NAME/billy/

Configuration
You can configure password authentication by connecting to your server via Telnet or SSH and following the steps below.

Create a file named .htaccess in your ~/www/htdocs/billy directory that restricts access to the directory. In our example, we will allow one user (William) to access the directory. The .htaccess file must reside in the directory it will be controlling, so we must put it in the ~/www/htdocs/billy directory.

You can either create the .htaccess file while connected to your server (using a file editor like pico, for example) or you can create the file on your own PC and Upload it to your Virtual Private Server. The file should contain the following text, depending on your server O/S.
- FreeBSD & Solaris
```
AuthUserFile /etc/.htpasswd
AuthGroupFile /dev/null
AuthName "Bill's Restaurant"
AuthType Basic

<Limit GET>
require user William
</Limit>
        
```
- BSD/OS Upgrade!
  Do not include the quotation marks in the AuthName directive:
```
AuthUserFile /etc/.htpasswd
AuthGroupFile /dev/null
AuthName Bill's Restaurant
AuthType Basic

<Limit GET>
require user William
</Limit>
        
```
- Huh?
  If you don't know the Virtual Private Server O/S, try the following:
  - Which O/S Is Your Virtual Private Server Running?
Use the htpasswd command to set a password for the new user.
- Choosing a Password
Substitute your Virtual Private Server login name for LOGIN-NAME below.

% htpasswd -c /usr/home/LOGIN-NAME/etc/.htpasswd William

You are free to use a different name or directory location for the password file. Just change the /usr/home/LOGIN-NAME/etc/.htpasswd above to whatever you want.

The -c flag indicates that you are adding a user to the /etc/.htpasswd for the first time. When you add more users and passwords to the same password file, the -c flag is not necessary.
```
% htpasswd /usr/home/LOGIN-NAME/etc/.htpasswd peanuts
% htpasswd /usr/home/LOGIN-NAME/etc/.htpasswd almonds 
% htpasswd /usr/home/LOGIN-NAME/etc/.htpasswd walnuts
      
```

More Information
The best place to learn about user authentication is from the source (NCSA)

User Authentication Tutorial

NOTE: You should be aware of one subtle difference with the Virtual Private Server system. When you set up your .htaccess files, you specify the AuthUserFile or AuthGroupFile with respect to your home directory. However, when you set up your .htpasswd files with the htpasswd command you need to prepend /usr/home/LOGIN-NAME to the directory specification.