httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Johan Eliasson" <ne...@nebol.dyndns.org>
Subject Re: [users@httpd] Q: pw protect folder, no users, just pw
Date Thu, 30 Jan 2003 01:17:43 GMT
Thanks Jeff and Michael, this works very good!

How can I avoid auth checking for certain filetypes in the folder ?
I have some sound files, and when I try to stream them in winamp,
winamp asks for login and password as well, that's not necessary.

Best regards,
           Johan E.

----- Original Message -----
From: "Jeff Cohen" <apache@gej-it.com>
To: <users@httpd.apache.org>; "'Johan Eliasson'" <nebol@home.se>
Sent: Wednesday, January 29, 2003 10:51 PM
Subject: RE: [users@httpd] Q: pw protect folder, no users, just pw


If you want just one folder to be protected, then just change the path name
and the password file location from the example below:

<Directory "c:/apache/htdocs/protected_dir">
        Options Indexes MultiViews
        AllowOverride None
        Order allow,deny
        Allow from all
AuthType Basic
AuthName "Please Enter your Username and Password"
AuthUserFile "c:/apache/apache2/pass/.htpasswd"
Require valid-user
</Directory>

Now, to create the password file you'll need to use the "htpasswd.exe" file
that is located at the apache/bin folder.
Copy it to the apache/pass folder and get into command prompt and type the
follow:

C:/apache/pass/> htpasswd -c .htpasswd user_name

Here you'll have to enter the password for that user_name that you have
entered twice.
In case you'd like to add another user to this password file, you use the
following syntax:

C:/apache/pass/> htpasswd -b .htpasswd user_name password

A bit of explanation about the htpasswd.exe command:
-b option is the *add* or *append* command
-c option is to create a password file that does not exist.

All the best,
Jeff Cohen

> -----Original Message-----
> From: Johan Eliasson [mailto:nebol@nebol.dyndns.org]
> Sent: Wednesday, January 29, 2003 3:15 PM
> To: users@httpd.apache.org
> Subject: [users@httpd] Q: pw protect folder, no users, just pw
>
> Hi!
>
> I'm running the latest build of Apache 1.3 on a Win2K machine.
> Most of my site is open for all, however one folder I want to password
> protect.
>
> I've read a little about it in FAQ's but it seems most solutions require a
> list of users and passwords in a database of some sort. I don't want to
> keep
> track of users and their passwords, and even though I have mySQL running
> on
> my machine, I'd prefer not to use it, since that would require me to bring
> mySQL along when I move the site to another machine.
>
> I want just a single password check, no users. I don't need 100% security,
> I
> just want to prevent web spiders from indexing the data, and stop casual
> surfers from entering the folder. If some hacker breaks it, so be it. Let
> him have the immense joy of browsing through my private photo
> collection...
>
> I would like to present a simple page with an input box for password,
> perhaps a little hint like "the password is the name of my daughter" so
> that
> my friends and relatives easily can surf on in. And that would save me a
> lot
> of phonecalls from my absent-minded mother.
>
> A messagebox works too.
> And I want the check to be done also if the surfer tries to go directly to
> a
> file, not just on the start page.
>
> I can code cgi's in C++. I know nothing about javascript, asp or php.
>
> Please advise! :)
>
> Best regards,
>           Johan Eliasson.
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message