Return-Path: 
 <users-return-21391-apmail-httpd-users-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-users-archive@httpd.apache.org
Received: (qmail 7768 invoked by uid 500); 29 Jan 2003 22:54:10 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
list-post: <mailto:users@httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 7727 invoked from network); 29 Jan 2003 22:54:09 -0000
Received: from sabre.velocet.net (216.138.209.205)
  by daedalus.apache.org with SMTP; 29 Jan 2003 22:54:09 -0000
Received: from gej-it.com (H213.C220.tor.velocet.net [216.138.220.213])
	by sabre.velocet.net (Postfix) with ESMTP id 76C381382DD
	for <users@httpd.apache.org>; Wed, 29 Jan 2003 17:54:15 -0500 (EST)
Received: from jeff ([192.168.0.101])
	by gej-it.com ([216.138.220.213])
	with SMTP (MDaemon.PRO.v6.5.1.R)
	for <users@httpd.apache.org>; Wed, 29 Jan 2003 17:51:22 -0500
From: "Jeff Cohen" <apache@gej-it.com>
To: <users@httpd.apache.org>, "'Johan Eliasson'" <nebol@home.se>
Date: Wed, 29 Jan 2003 17:51:18 -0500
Message-ID: <000201c2c7e8$f0538260$6500a8c0@jeff>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.4510
Importance: Normal
In-Reply-To: <003b01c2c7d3$1af95550$0200a8c0@conan>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
X-MDRemoteIP: 192.168.0.101
X-Return-Path: apache@gej-it.com
X-MDaemon-Deliver-To: users@httpd.apache.org
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
Subject: RE: [users@httpd] Q: pw protect folder, no users, just pw

If you want just one folder to be protected, then just change the path =
name
and the password file location from the example below:

<Directory "c:/apache/htdocs/protected_dir">
        Options Indexes MultiViews
        AllowOverride None
        Order allow,deny
        Allow from all
AuthType Basic
AuthName "Please Enter your Username and Password"
AuthUserFile "c:/apache/apache2/pass/.htpasswd"
Require valid-user
</Directory>

Now, to create the password file you'll need to use the "htpasswd.exe" =
file
that is located at the apache/bin folder.
Copy it to the apache/pass folder and get into command prompt and type =
the
follow:

C:/apache/pass/> htpasswd -c .htpasswd user_name

Here you'll have to enter the password for that user_name that you have
entered twice.
In case you'd like to add another user to this password file, you use =
the
following syntax:

C:/apache/pass/> htpasswd -b .htpasswd user_name password

A bit of explanation about the htpasswd.exe command:
-b option is the *add* or *append* command
-c option is to create a password file that does not exist.

All the best,
Jeff Cohen

> -----Original Message-----
> From: Johan Eliasson [mailto:nebol@nebol.dyndns.org]
> Sent: Wednesday, January 29, 2003 3:15 PM
> To: users@httpd.apache.org
> Subject: [users@httpd] Q: pw protect folder, no users, just pw
>=20
> Hi!
>=20
> I'm running the latest build of Apache 1.3 on a Win2K machine.
> Most of my site is open for all, however one folder I want to password
> protect.
>=20
> I've read a little about it in FAQ's but it seems most solutions =
require a
> list of users and passwords in a database of some sort. I don't want =
to
> keep
> track of users and their passwords, and even though I have mySQL =
running
> on
> my machine, I'd prefer not to use it, since that would require me to =
bring
> mySQL along when I move the site to another machine.
>=20
> I want just a single password check, no users. I don't need 100% =
security,
> I
> just want to prevent web spiders from indexing the data, and stop =
casual
> surfers from entering the folder. If some hacker breaks it, so be it. =
Let
> him have the immense joy of browsing through my private photo
> collection...
>=20
> I would like to present a simple page with an input box for password,
> perhaps a little hint like "the password is the name of my daughter" =
so
> that
> my friends and relatives easily can surf on in. And that would save me =
a
> lot
> of phonecalls from my absent-minded mother.
>=20
> A messagebox works too.
> And I want the check to be done also if the surfer tries to go =
directly to
> a
> file, not just on the start page.
>=20
> I can code cgi's in C++. I know nothing about javascript, asp or php.
>=20
> Please advise! :)
>=20
> Best regards,
>           Johan Eliasson.
>=20
>=20
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server =
Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org