{"id":282,"date":"2015-08-08T08:21:41","date_gmt":"2015-08-08T08:21:41","guid":{"rendered":"http:\/\/www.howtolearnlinux.com\/?p=282"},"modified":"2015-08-08T08:25:22","modified_gmt":"2015-08-08T08:25:22","slug":"enabling-security-using-htaccess-file","status":"publish","type":"post","link":"http:\/\/shijuvarghese.com\/?p=282","title":{"rendered":"Enabling security using .htaccess file"},"content":{"rendered":"<p>When working with web servers, and displaying contents, you may wish to restrict access to certain pages to only authenticated users. Which means one will require a password to view these restricted pages. Though there are several techniques to achieve this objective, the use of .htaccess is one of the most simplest, but powerful mechanism available. This goes well with <strong>Apache<\/strong> web servers. The dot that starts the file name will keep the file hidden within the folder<\/p>\n<p>&nbsp;<\/p>\n<p>The Apache web server controls its security via the &#8220;httpd.conf&#8221; file. If the installation of the server is a default installation using the default configuration, without re-configuring the security control parameters using .htaccess method to restrict access to web pages is simple. Listed below are the procedures to configure it in a host named <strong>host.sample.com<\/strong>, where the DocumentRoot folder is <strong>\/var\/www\/html<\/strong> and our restricted page is stored in <strong>\/var\/www\/html\/test\/r_page.html<\/strong><\/p>\n<p><strong>#] cd \/var\/www\/html\/test<\/strong><\/p>\n<p><strong>#] vi .htacess<\/strong><\/p>\n<p><em>Now add the following lines<\/em><\/p>\n<ul>\n<li>AuthUserFile \/var\/www\/html\/test\/.htpasswd<br \/>\nAuthName &#8220;Please Enter Your Password&#8221;<br \/>\nAuthType Basic<br \/>\nRequire valid-user<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>Open the httpd main configuration file <strong>\/etc\/httpd\/conf\/httpd.conf<\/strong>, or the one you have in your host, and check if there are any line or block containing the folder <strong>\/var\/www\/html\/test<\/strong>. If there is one, make sure the line &#8220;<strong>AllowOverride<\/strong><strong>&#8220;<\/strong> does not have value <strong>None<\/strong>. If it is present, change it to <strong>All<\/strong>.<\/p>\n<p>If a block with the folder name <strong>\/var\/www\/html\/test<\/strong> does not exist, create one as bellow at the end of the <strong>httpd.conf<\/strong> file.<\/p>\n<ul>\n<li>\u00a0&lt;Directory \/var\/www\/&gt;<br \/>\nOptions Indexes FollowSymLinks MultiViews<br \/>\n<strong>AllowOverride All<\/strong><br \/>\nOrder allow,deny<br \/>\nallow from all<br \/>\n&lt;\/Directory&gt;<\/li>\n<\/ul>\n<p>Restart http server using the command &#8220;<strong>service httpd restart<\/strong>&#8221;<\/p>\n<p>&nbsp;<\/p>\n<p>Now let us create the password:<\/p>\n<p><strong>#] cd \/var\/www\/html\/test<\/strong><\/p>\n<p><strong>#] htpasswd -c .htpasswd admin<\/strong><\/p>\n<p>When prompted enter the password<\/p>\n<p>&nbsp;<\/p>\n<p>To verify the setting try accessing the web site : http:\/\/&lt;hostname&gt;\/test<\/p>\n<p>You should the prompted to enter the username and password. Use the username <strong>admin<\/strong> and the password you entered above.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<div class=\"mh-excerpt\"><p>When working with web servers, and displaying contents, you may wish to restrict access to certain pages to only authenticated users. Which means one will <a class=\"mh-excerpt-more\" href=\"http:\/\/shijuvarghese.com\/?p=282\" title=\"Enabling security using .htaccess file\">[&#8230;]<\/a><\/p>\n<\/div>","protected":false},"author":1,"featured_media":260,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3,14],"tags":[],"class_list":["post-282","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","category-security"],"_links":{"self":[{"href":"http:\/\/shijuvarghese.com\/index.php?rest_route=\/wp\/v2\/posts\/282","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/shijuvarghese.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/shijuvarghese.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/shijuvarghese.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/shijuvarghese.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=282"}],"version-history":[{"count":2,"href":"http:\/\/shijuvarghese.com\/index.php?rest_route=\/wp\/v2\/posts\/282\/revisions"}],"predecessor-version":[{"id":284,"href":"http:\/\/shijuvarghese.com\/index.php?rest_route=\/wp\/v2\/posts\/282\/revisions\/284"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/shijuvarghese.com\/index.php?rest_route=\/wp\/v2\/media\/260"}],"wp:attachment":[{"href":"http:\/\/shijuvarghese.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=282"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/shijuvarghese.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=282"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/shijuvarghese.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=282"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}