This is a continuation of our tutorial on password protecting a specified directory using the .htaccess file. This portion will best be appreciated if you have gone over the preceding tutorial.
For purposes of covenience, web administrators create groups of users as opposed to individual users. This makes it easier for them to grant/deny access to users as a lump.
Step 1: Login to your server.
In the preceding tutorial, we stated that the first step is to start a telnet session to your server. Following the example used therein, we will password-protect a directory named "members_only". Once you have successfully logged in via telnet, change directory and proceed to the path you would like to password-protect. Type something like this at the telnet prompt:
Note that the actual path will depend on your own server. The above is only an example.
Step 2: Create the .htaccess file.
We will now create the text file named .htacces using pico (the Unix text editor). Invoke pico by tyoing pico .htaccess at the prompt. You can then input type in the following:
AuthName Members Only Area
<Limit GET POST>
require group RegularMembers
Since we've explained the structure of the .htaccess file in the preceding tutorial, here we will only cover the second line - the AuthGroupFile. This line points to a text file containing your users categorized into groups. The .htgroup file looks like this:
RegularMembers: bob joe al tina lou ben
PremiumMembers: charlie anne jim rod harry
GoldMembers: george frank lisa amy bobby
Note in this example that the .htaccess file is granting permission to the group named RegularMembers (see last few lines of the .htaccess file). This would mean that the directory may only grant access to the names found in the file .htgroup listed on the first line - RegularMembers. As stated earlier, this is a convenient alternative to posting all the usernames individually in the .htaccess file's last few lines.
Step 3: Create the password file.
Similar to the example in the preceding tutorial, you will need to create a file named .htpasswd - the file pointed to in the first line AuthUserFile. On the telnet prompt, type:
htpasswd .htpasswd Username
Username is the name of the user you want to include in the .htpasswd file. This Username must also be present in the .htgroup file.
As a recap, we opted to create a group file called .htgroup to contain a list of many usernames in order to make it easier to assign access privileges to more than 1 username.
Back to Tips and Tutorials