Hey there! Part five is now a few weeks old, and it’s about time for the next step! Today the topic is simple file/folder protection with the help of htaccess (don’t worry if you have no clue what that means). When you develop on a new project it’s nice to be able to keep the public out, while working on it. And I am sure you can also come up with a whole lot of different reasons why you would want to protect certain files.
What is htaccess protection?
Htaccess files (hypertext access files) allow you to alter the configuration of the web-server to an extend permitted by the server administrator (which most commonly will be an Apache web server in the hosting industry, like used by Servage). In plain english that means, that you have the possibility to make some server settings that are different from the server’s defaults, if your administrator allows you to do that. There are many purposes for this. One of them is the setting of access control, which we will cover in the this article. Htaccess protection is therefore protection which is defined within the scope of the web servers settings, based on an htaccess file. Sounds complicated? It’s not! You will soon see how simple it is!
How to initiate protection?
In order to make the web-server understand that you want to protect a given folder, create a file called “.htaccess” within that particular folder with the following content:
AuthUserFile /full_path_to_your_folder/.htpassword AuthGroupFile /dev/null AuthName EnterPassword AuthType Basic require valid-user
How to create users?
Create another file in the same folder called “.htpassword”. In this file we will be storing the users and their corresponding passwords. Add the following content (for user “mouser” with password “123456”):
myname:$1$PjPKL5NF$aleGVj9yBhVHeTl7CRFY7.
If you now enter the folder via your browser, you will be promted for login data. Please be aware that if you wish to add further users, the username is followed by a colon and the password in encrypted format. But don’t worry, there are plenty of places that assist you with that (e.g. here).
Advantage for Servage users
The Servage control panel allows you to protect folders by creating the proper htaccess files for you! You simply need to login to the control panel, use the file manager to identify what folder you wish to protect, and then click the little “lock” icon in the file manager. Thereafter you can enable/disable the protection, as well as add/remove users.
Limitations of htaccess protection
This type of protection is good for some quick protection for a few people. But as soon as you want to protect something more complicated, like only a part of a website instead of an entire folder, or have many users, then this system has it flaws, and some other protection system is needed, possible in combination with a different user administration etc. But for now, this should get you going to simply make a certain folder private!
No comments yet (leave a comment)