Apache User Based Authentication

Step 1. Open the httpd.conf file and go to the bottom of the file & put the below mentioned entries

[root@localhost ~]# vim /etc/httpd/conf/httpd.conf 

ServerAdmin root@localhost.localdomain 
DocumentRoot /var/www/html
< Directory /var/www/html >
AllowOverride Authconfig

ServerName www.linuxonlinesolutions.com
ErrorLog /etc/httpd/logs/error_log 
CustomLog /etc/httpd/logs/access_log common 

Here above ‘AllowOverride Authconfig’ means that the www.linuxonlinesolutions.com will require password authorization to access the web page in the mentioned directory.

Step 2. Restart the httpd service

[root@localhost ~]# service httpd restart

Step 3. Create a file .htaccess in your website where your web page is stored and put the following entries.

[root@localhost~]# vim /var/www/html/.htaccess

AuthName "Linux Online Solutions Authentication Page" 

AuthType basic  

AuthUserFile "/etc/httpd/.htpasswd"

require user   user1 user2

Here above:
AuthName: It is the Name which will be displayed on the password enter screen when you will be prompted to enter the username and password,which is given by the web server.
AuthType: This is the type of user authentication for a directory. Here we can use Only two options ‘Basic’ and ‘Digest’.Here i am using Basic Authentication.
AuthUserFile: This is the location of htpasswd file where the passwords of users are stored to access the webpage.
Require User: Here we will write the username of the users which are permitted to login on website.

Step 4. Now perform The following steps

[root@localhost~]# htpasswd -mc /etc/httpd/.htpasswd user1

[root@localhost~]# htpasswd -m /etc/httpd/.htpasswd user2

The above commands will create password for users user1 and user2. Remember when the first time you will create password, you will use option ‘-mc’ with htpasswd command and the next time whenever you will create password for new users, you will use ‘-m’ option. These options stand for following:
M : Modify in Md5 encryption
C : Create

Step5. Now change the group of ‘.htpasswd’ file to apache and restart the service.
Note: ‘.htpasswd’ and ‘.htaccess’ files that you have created should have read permissions for the users and group. By default, any newly created file in Linux already have read permission for all users and groups.

[root@localhost~]# chgrp apache /etc/httpd/.htpasswd

[root@localhost~]# service httpd restart
You can leave a response, or trackback from your own site.

Leave a Reply