I would like to protect a web folder via .htpasswd. However, as the .htaccess file is under version control, I would prefer to not mess with it.
Instead, I would like to have the 开发者_如何转开发configuration in
/etc/apache2/sites-enabled/mysite /etc/apache2/.htpasswdAny idea what I need to put in the "mysite" apache configuration file?
So far it is sth like this,
<VirtualHost (ip address):80>
ServerName my.domain
DocumentRoot /var/sites/sitename
ServerAdmin ...
</VirtualHost>
Heureka, I figured it out myself.. or what I think to be the solution.
<VirtualHost (ip address):80>
ServerName my.domain
DocumentRoot /var/sites/sitename/
ServerAdmin ...
<Directory /var/sites/sitename/>
AuthUserFile /etc/apache2/.htpasswd
AuthGroupFile /dev/null
AuthName "What is the pw"
AuthType Basic
require user (username)
</Directory>
</VirtualHost>
The .htpasswd can be created in the usual way via commandline,
# htpasswd /etc/apache2/.htpasswd (username)
EDIT: anthony in the comment below strongly recommends you use https/SSL, to prevent the password from being sent unencrypted.
精彩评论