Apache2 Basic Authentication

Table of Contents


Virtual Host Configuration

To add basic authentication to an apache2 virtual host you need to add the following lines to the virtual host configuration.

AuthType Basic                                               (1)
AuthName "Private Documentation Repository"                  (2)
AuthUserFile /var/www/crock.norang.ca/.htpasswd-private      (3)
Require valid-user                                           (4)
  1. Set the Basic authentication method
  2. Provide a name for the location (optional)
  3. Specify the pathname to the file that contains usernames and passwords. The usual filename to use is .htpasswd
  4. Specify that only users that exist in the file are allowed access

The AuthUserFile should not be located in a directory served by apache2 since you do not want people to be able to download the contents of this file. This file contains the valid usernames and passwords. Example: Virtual Host Entry

<Directory "/var/www/crock.norang.ca/htdocs/private/">
    DirectoryIndex index.py
    AddHandler cgi-script .py
    Options Indexes FollowSymLinks MultiViews ExecCGI
    AuthType Basic
    AuthName "Private Documentation Repository"
    AuthUserFile /var/www/crock.norang.ca/.htpasswd-private
    Require valid-user
    AllowOverride None
    Order allow,deny
    allow from all

htpasswd file

The htpasswd file (var/www/crock.norang.ca.htpasswd-private' in the example above) is created and maintained by the `htpasswd program. Use use this program to add or change password entries in the file.

Creating New Users

Example: Creating a new entry

$ htpasswd /var/www/crock.norang.ca/.htpasswd-private newuser
New password:
Re-type new password:

This prompts for the password for newuser and stores the encrypted password in the password file.

Example: Created password entry (part of the .htpasswd file)


Deleting Users

You delete users from the .htpasswd access file as follows

Example: Deleting user account newuser

$ htpasswd -D .htpasswd newuser

Author: Bernt Hansen