Search | Directories | Reference Tools
UW Home > UWIN > Computing and Networking > Web > Web Publishing > Controlling Access 

Basic Password Protection

Summary

This article provides step-by-step instructions for applying basic password protection to your Web site. Password protection is activated by creating a .htaccess file in your Web directory. This file defines the name people use to log in to your Web site. The corresponding password is created separately by running the htpasswd command. If need be, you can extend this technique to use more than one name and password. The necessary instructions are included below.

To control access to your Web site using basic password protection:

  1. Log in to your Homer, Dante, or Shell.MyUW.net account.

  2. Press the O key for Other, then press the W key to drop into the Web development environment.

  3. At the prompt, enter the following command to change directories to your Web directory:

    cd public_html

    If you want to password protect a subdirectory rather than your whole Web site, change directories to the subdirectory you want to protect. For example:

    cd private

  4. At the prompt, enter the following command to create a .htaccess file in the current working directory:

    pico .htaccess

  5. Add the following text to this file:

    AuthType Basic
    AuthUserFile .htpasswd
    AuthName "Town of Bedrock"
    require user fred

  6. Replace "Town of Bedrock" with your choice of text. This text is displayed when users are prompted for a name and password. Use something short that describes your password protected Web site. If you use multiple words with spaces between them, make sure to surround them in quotes.

  7. Replace "fred" with the name (all lowercase) you want to use.

  8. Save the .htaccess file (in Pico use ^X).

  9. Back at the prompt, enter the following command to create a password file:

    htpasswd -c .htpasswd fred

    "fred" represents the username you set up in step 8. Once you enter this command, you will be prompted to enter and confirm "fred's" password.

    Tip: If you get a "command not found" error message, you are probably not on the Web Development Environment. You should start these instructions over, paying special attention to steps 1-3.

  10. You're done! Confirm that password protection is working by opening your Web site with a Web browser.

Adding More Names

To create additional names and passwords:

  1. At the prompt, edit the .htaccess file you created before:

    pico .htaccess

  2. Add additional names to the .htaccess file. For example:

    require user fred barney wilma

  3. Save the .htaccess file (in Pico use ^X).

  4. Now create a password for each additional name by entering the following command:

    htpasswd .htpasswd barney

    Substitute "barney" appropriately and repeat for each name you added.

If you have more than a few names, it might be easier to maintain them using Basic Group Password Protection.