|What & Link||Type|
|Apache Docs -
|Digital Ocean - Setting up Password Auth With Apache||Guide|
Creating the Password File
If you have a local Apache installation (e.g. WAMP/LAMP/MAMP), you might already have the
htpasswd program installed locally. Or, you could execute it directly on the server by SSH'ing in first.
which htpasswdto see if you get back a path, and verify you have the program installed.
The program has a ton of options, but a basic command to create a password file can be:
htpasswd -c -B FILE_TO_CREATE USER # Example: # htpasswd -c -B /etc/apache2/.htpasswd joshua
Using the Password File
There are multiple ways to use the generated
htpasswd file with your server, but for quick projects, I like using the
htaccess method. Full steps are outlined here, but to sum up: place a
.htaccess file in the directory you want to secure, noting where the password file lives in relation to the directory.
The contents of the
.htaccess should look something like this:
AuthType Basic AuthName "Restricted Content" Require valid-user # The line below needs to point to the location of the password file # In this example, it is in the *same* folder as the `.htaccess` file # The password file does not have to be named exactly this way, # but the path needs to match AuthUserFile ".htpasswd"
You might also be interested in my htaccess cheatsheet