httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nelson Goforth <ngofo...@earthnet.net>
Subject Re: [users@httpd] Protecting files in a directory
Date Mon, 27 Jan 2003 00:25:32 GMT
The part of the Apache documentation that covers the topic is mod_auth 
(and a few others).  Authorization is NOT simple to understand, and I 
personally find it best to set up a 'test' directory and experiment.  
Once you've made it work the first time it will seem suddenly clearer.  
The documentation is at:

     http://httpd.apache.org/docs/mod/mod_auth.html

There are many modules in Apache, providing many useful services.  You 
can see them all grouped together by function at:

    http://httpd.apache.org/docs/mod/index-bytype.html

Mod_auth is in the "Access Control" section.

------

But to put it simply, all of your Apache setup is handled by the 
httpd.conf file somewhere in the depths of your system.  It can 
provide, among other things, access control for each directory in the 
website.

However, if httpd.conf is set up in a fairly standard way, it allows 
for you to control certain aspects of Apache on a 
directory-by-directory basis, using a file called ".htaccess".

The .htaccess file is normally hidden, but you should be able to see it 
in an FTP window or on the command line using the 'ls -al' command.  If 
you do not see it, then it probably just isn't there and you'll have to 
create one.

It is a simple text file placed inside the directory that you want to 
protect (or otherwise control - it does more than protect).  The 
.htaccess statements look just like other statements you'll see in 
httpd.conf, but they only apply to THIS directory.  It DOES affect 
other directories inside that directory.

You can read more on authorization and  authentication at:
    http://httpd.apache.org/docs/howto/auth.html

And "How To Use htaccess" at:
    http://apache-server.com/tutorials/ATusing-htaccess.html

Good luck,
Nelson

On Sunday, January 26, 2003, at 04:51  PM, Issa Mbodji wrote:

> Thanks for the info, but I have a question:
>
> When you say "look into .htaccess and .htpasswd files", does it mean 
> that I have to create the .htaccess file because I cannot see it. I am 
> only seeing the .htpasswd file which I used to create the passwords 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message