Apache secure directory with user and password

For installing a new apache web server and create virtual hosts , please read this

To restrict access to some site or sub-directory of a site :

set AllowOverride AuthConfig in virtual host configuration

and create .htaccess on directory that need to restricte access to it and of course that is applied to subfolder also.

.htaccess file contents:

AuthType Basic
AuthName “Named Title”
AuthUserFile /etc/httpd/htpasswd
require valid-user


Now we need to create the file that we mentioned in .htaccess file with parameter AuthUserFile , it will store users and passwords for our secure site.

It doesn’t matter what you name it , but it must be the same name as you create it.
htpasswd -c /etc/httpd/htpasswd USER

type your password twice, that is it, we have USER with password.
*use [ -c ] only when first create that file with first user.


vim /etc/httpd/conf.d/secure.conf

 <Directory /web/secure >
 AllowOverride AuthConfig
 <VirtualHost *:80>
 ServerName secure.akm.local
 ServerRoot  /web/secure/

vim /web/secure/.htaccess

 AuthName "Welcome to Private data"
 AuthType Basic
 AuthUserFile /etc/httpd/htpasswd
 Require valid-user


htpasswd -c /etc/httpd/htpasswd akm
htpasswd /etc/httpd/htpasswd testuser

#add users as you need , don't forget to reload httpd.

systemctl reload httpd

Enjoy it.

Comments are closed.