Overview
To Secure the Apache Virtualhost (or) a particular document root /directory. We can use this Basic Auth mechanism.
When the user is trying to access the resource from the directory. User will be prompted for Authentication.
Step1
Create a Password file with username and password entry using htpasswd tool. Available at apache bin directory.
This is how the users file looks like by default the password entered will be encrypted using MD5 algorithm
Step2
Make configuration changes in httpd.conf file.
Under the Directory module that you want to apply BasicAuth secuirty
Add the below lines
AuthType Basic AuthName sarasoftaccess AuthUserFile bin/users Require valid-user DirectoryIndex index.html Allow from all
This is how our configuration looks like
01
02
03
04
05
06
07
08
09
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
< VirtualHost *:80> ServerAdmin [email protected] DocumentRoot J:/www/sarasoft/staticfiles/ ServerName sarasoft.com ErrorLog logs/sarasoft-error.log CustomLog logs/sarasoft-access.log common </ VirtualHost > < Directory /> AuthType Basic AuthName sarasoftaccess AuthUserFile bin/users Require valid-user DirectoryIndex index.html Allow from all </ Directory > < Directory J:/www/sarasoft/staticfiles/> AuthType Basic AuthName sarasoftaccess AuthUserFile bin/users Require valid-user DirectoryIndex index.html Allow from all </ Directory > |
Here we are enabling security for both ROOT directory and Our Site's Document Root.
Step3
Restart the Web server and Test it using the URL
http://localhost
Now you will be prompted for the password.
When you enter the correct password that you have saved at step1. You will be able to see the page.
Thanks,
AKSARAV