开发者

.htpasswd without .htaccess

开发者 https://www.devze.com 2023-04-07 17:46 出处:网络
I would like to protect a web folder via .htpasswd. However, as the .htaccess file is under version control, I would prefer to not mess with it.

I would like to protect a web folder via .htpasswd. However, as the .htaccess file is under version control, I would prefer to not mess with it.

Instead, I would like to have the 开发者_如何转开发configuration in

/etc/apache2/sites-enabled/mysite

/etc/apache2/.htpasswd

Any idea what I need to put in the "mysite" apache configuration file?

So far it is sth like this,

<VirtualHost (ip address):80>
  ServerName   my.domain
  DocumentRoot /var/sites/sitename
  ServerAdmin  ...
</VirtualHost>


Heureka, I figured it out myself.. or what I think to be the solution.

<VirtualHost (ip address):80>
  ServerName   my.domain
  DocumentRoot /var/sites/sitename/
  ServerAdmin  ...
  <Directory /var/sites/sitename/>
    AuthUserFile  /etc/apache2/.htpasswd
    AuthGroupFile /dev/null
    AuthName  "What is the pw"
    AuthType Basic
    require user (username)
  </Directory>
</VirtualHost>

The .htpasswd can be created in the usual way via commandline,

# htpasswd /etc/apache2/.htpasswd (username)

EDIT: anthony in the comment below strongly recommends you use https/SSL, to prevent the password from being sent unencrypted.

0

精彩评论

暂无评论...
验证码 换一张
取 消