{"id":187,"date":"2016-02-11T20:59:36","date_gmt":"2016-02-11T20:59:36","guid":{"rendered":"https:\/\/carminebufano.com\/?p=187"},"modified":"2016-02-11T20:59:36","modified_gmt":"2016-02-11T20:59:36","slug":"how-to-password-protect-an-apache-apache2-web-page-or-directory","status":"publish","type":"post","link":"https:\/\/carminebufano.com\/index.php\/2016\/02\/11\/how-to-password-protect-an-apache-apache2-web-page-or-directory\/","title":{"rendered":"How to Password Protect an Apache, Apache2 web page or Directory"},"content":{"rendered":"

\t\t\t\tMany times when building a website, you want to limit access to some content or folder or the whole website. \u00a0For instance you may have a “Downloads” section that you want to give access to selectively. Here is an easy way to make\u00a0Apache web server\u00a0ask for a username and password when someone tries to gain access to directories with\u00a0restricted content, no matter what it is, music, video, files, … anything (even the whole website).<\/p>\n

This example uses Apache2 installed on Ubuntu 14.04<\/p>\n

Here we assume you have a fresh minimal Ubuntu server install. lets install the web server with:<\/p>\n

<\/span>sudo apt-get install apache2<\/pre><\/span><\/p>\n
Lets also install utilities:<\/p>\n
sudo apt-get install\u00a0apache2-utils<\/span><\/pre><\/span><\/p>\n
Your default root directory that Apache serves from is located at \/var\/www\/html<\/p>\n
Now, lets say you have a directory called “Downloads” in the root directory, so your root directory would look something like this:<\/p>\n
 <\/p>\n
index.html Downloads \u00a0 \u00a0(<— Blue means its a folder)<\/span><\/span><\/strong><\/p>\n
So in your \/var\/www\/html directory you have a file called “index.html” and a folder called “Downloads”.<\/p>\n
Downloads folder contains very sensitive content that you do not want to give everyone access to. We will configure Apache to ask the user for a username and password when they click on a link in the “index.html” file that points to the “Downloads” directory<\/p>\n
The package “apache2-utils” gives us the tools needed t add the password using the command\u00a0htpasswd<\/p>\n
Before we do that we need to create a hidden file called .htpassword insoed the \/etc\/apache2 directory. We do this with the following command.<\/p>\n
sudo htpasswd -c \/etc\/apache2\/.htpasswd yourname<\/pre>\n
replace “yourname” with whatever you would like the username to be. (Authentication will consists of a username and password & you can use anything here, like “admin” or “Bob” or “whatever”.<\/p>\n
when you hit enter you will be prompted to supply a password twice.<\/p>\n
This will be the password use for authentication to the “Downloads” directory in this example.<\/p>\n
This gives us a hidden file that Apache can use which stores an encrypted version of the password you were prompted for earlier. (this is good.. nowhere will there be a plain text password for anyone to read)<\/p>\n
Now we need to configure Apache to check this file before serving the protected directory to a clients web browser. We do this by modifying the virtual hosts file. If you have a vanilla install of apache2 and serving only one website the default for this configuration file will be:<\/p>\n
\/etc\/apache2\/sites-enabled\/000-default.conf<\/span><\/p>\n
 <\/p>\n
Lets modify the file like so:<\/p>\n
sudo nano \/etc\/apache2\/sites-enabled\/000-default.conf<\/span><\/pre>\n
at first the file will look like this:<\/p>\n
 <\/p>\n
<VirtualHost *:80>\n    ServerAdmin webmaster@localhost\n    DocumentRoot \/var\/www\/html\n    ErrorLog ${APACHE_LOG_DIR}\/error.log\n    CustomLog ${APACHE_LOG_DIR}\/access.log combined\n<\/VirtualHost><\/code><\/pre>\n
 <\/p>\n
Lets make it look like this:<\/p>\n
<VirtualHost *:80>\n    ServerAdmin webmaster@localhost\n    DocumentRoot \/var\/www\/html\n    ErrorLog ${APACHE_LOG_DIR}\/error.log\n    CustomLog ${APACHE_LOG_DIR}\/access.log combined\n\n    <Directory \"\/var\/www\/html\/Downlods\">\n        AuthType Basic<\/span>\n        AuthName \"Restricted Content\"<\/span>\n        AuthUserFile \/etc\/apache2\/.htpasswd<\/span>\n        Require valid-user<\/span>\n    <\/Directory>\n<\/VirtualHost><\/code><\/pre>\n
 <\/p>\n
We now have everything in place. We have created the hidden file with an encrypted authentication credentials. We have also told Apache which folder to protect “Downloads” if you wanted to protect the whole website you would just change the line below.<\/p>\n
<Directory \"\/var\/www\/html\/Downlods\">\n<\/code><\/pre>\n
TO:<\/p>\n
 <\/p>\n
<Directory \"\/var\/www\/html\"><\/code><\/pre>\n
Now all that is left is to restart Apache with the following command:<\/p>\n
sudo service apache2 restart<\/pre>\n
 <\/p>\n
To check open your browser and navigate to your website and click on the link for the “Downloads” folder and VOILA! up pops a box that asks for a username and password to proceed.<\/p>\n
 <\/p>\n
-Carmine Bufano<\/p>\n
 <\/p>\n
 <\/p>\n
 <\/p>\n
 <\/p>\n
 <\/p>\n
 <\/p>\n
 \t\t<\/p>\n","protected":false},"excerpt":{"rendered":"
Many times when building a website, you want to limit access to some content or folder or the whole website. \u00a0For instance you may have a “Downloads” section that you want to give access to selectively. Here is an easy way to make\u00a0Apache web server\u00a0ask for a username and password when someone tries to gain… Read More<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[15],"tags":[],"class_list":["post-187","post","type-post","status-publish","format-standard","hentry","category-walkthroughs"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":251,"url":"https:\/\/carminebufano.com\/index.php\/2014\/08\/25\/how-to-configure-many-web-servers-behind-one-public-ip\/","url_meta":{"origin":187,"position":0},"title":"How to self host many web servers with different domains & URLs with one public IP","author":"Carmine Bufano","date":"August 25, 2014","format":false,"excerpt":"","rel":"","context":"In "Ubuntu"","block_context":{"text":"Ubuntu","link":"https:\/\/carminebufano.com\/index.php\/category\/ubuntu\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/carminebufano.com\/wp-content\/uploads\/2014\/08\/Pound-Proxy.vsdx_.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/carminebufano.com\/wp-content\/uploads\/2014\/08\/Pound-Proxy.vsdx_.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/carminebufano.com\/wp-content\/uploads\/2014\/08\/Pound-Proxy.vsdx_.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/carminebufano.com\/wp-content\/uploads\/2014\/08\/Pound-Proxy.vsdx_.jpg?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":428,"url":"https:\/\/carminebufano.com\/index.php\/2021\/01\/30\/install-virtual-box-on-ubuntu-16-04-on-a-digitalocean-droplet\/","url_meta":{"origin":187,"position":1},"title":"How to Install Oracle Virtual Box on Ubuntu 16.04 on a DigitalOcean Droplet","author":"Carmine Bufano","date":"January 30, 2021","format":false,"excerpt":"I wanted to circumvent my residential FIOS with my one dynamic public ip in my home lab without upgrading to a commercial account with Verizon. Right now I'm enjoying 1Gig up and down. One look at commercial prices and its a small fortune for static ip's and the same residential\u2026","rel":"","context":"In "openvswitch"","block_context":{"text":"openvswitch","link":"https:\/\/carminebufano.com\/index.php\/category\/openvswitch\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":563,"url":"https:\/\/carminebufano.com\/index.php\/2022\/08\/17\/install-frrouting-in-openswitch-opx-debian-9-stretch-server\/","url_meta":{"origin":187,"position":2},"title":"Install FRRouting in Openswitch OPX Debian 9 (stretch) Server","author":"Carmine Bufano","date":"August 17, 2022","format":false,"excerpt":"Debian 9 server poses a few issues that do not allow FRR to be easily installed. Here are the steps to easily install the routing package. to activate the FRR shell type \"sudo vtysh\" -Carmine Bufano","rel":"","context":"In "Walkthroughs"","block_context":{"text":"Walkthroughs","link":"https:\/\/carminebufano.com\/index.php\/category\/walkthroughs\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":100,"url":"https:\/\/carminebufano.com\/index.php\/2014\/09\/19\/how-to-install-oracle-java-7-on-ubuntu-14-04\/","url_meta":{"origin":187,"position":3},"title":"How to install Oracle Java 7 on Ubuntu 14.04","author":"Carmine Bufano","date":"September 19, 2014","format":false,"excerpt":"","rel":"","context":"In "Walkthroughs"","block_context":{"text":"Walkthroughs","link":"https:\/\/carminebufano.com\/index.php\/category\/walkthroughs\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":568,"url":"https:\/\/carminebufano.com\/index.php\/2022\/08\/19\/install-openswitch-opx-on-debian-9-server-for-testing\/","url_meta":{"origin":187,"position":4},"title":"Install Openswitch OPX on Debian 9 Server for testing","author":"Carmine Bufano","date":"August 19, 2022","format":false,"excerpt":"Add this repo to \/etc\/apt\/sources.list Now run: You will receive an error like this: \"The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 5EF20F34AD2074F \" Copy the characters after NO_PUBKEY from the last command and use it below YOUR PUBKEY WILL BE DIFFERENT Now that\u2026","rel":"","context":"In "Walkthroughs"","block_context":{"text":"Walkthroughs","link":"https:\/\/carminebufano.com\/index.php\/category\/walkthroughs\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":55,"url":"https:\/\/carminebufano.com\/index.php\/2014\/08\/26\/how-to-install-xenserver-tools-on-ubuntu-14-04\/","url_meta":{"origin":187,"position":5},"title":"How to install xenserver tools on Ubuntu 14.04","author":"Carmine Bufano","date":"August 26, 2014","format":false,"excerpt":"","rel":"","context":"In "Citrix Xenserver"","block_context":{"text":"Citrix Xenserver","link":"https:\/\/carminebufano.com\/index.php\/category\/citrix-xenserver\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"jetpack_shortlink":"https:\/\/wp.me\/p70MUT-31","jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/carminebufano.com\/index.php\/wp-json\/wp\/v2\/posts\/187","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/carminebufano.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/carminebufano.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/carminebufano.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/carminebufano.com\/index.php\/wp-json\/wp\/v2\/comments?post=187"}],"version-history":[{"count":0,"href":"https:\/\/carminebufano.com\/index.php\/wp-json\/wp\/v2\/posts\/187\/revisions"}],"wp:attachment":[{"href":"https:\/\/carminebufano.com\/index.php\/wp-json\/wp\/v2\/media?parent=187"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/carminebufano.com\/index.php\/wp-json\/wp\/v2\/categories?post=187"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/carminebufano.com\/index.php\/wp-json\/wp\/v2\/tags?post=187"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}