Apache Webserver Basic Authentication using htpasswd - How to

Updated on:

Overview
To Secure the Apache  Virtualhost (or) a particular document root /directory.  We can use this Basic Auth mechanism.
When the user is trying to access the resource from the directory. User will be prompted  for Authentication.

 

Step1
Create a Password file with username and password entry using htpasswd  tool. Available at apache bin directory.

This is how the users file looks like by default the password entered will be  encrypted using MD5 algorithm

 

Step2

 

Make configuration changes in httpd.conf  file.
Under the Directory module that you want to apply BasicAuth secuirty
Add the below lines
AuthType Basic
AuthName sarasoftaccess
AuthUserFile bin/users
Require valid-user
DirectoryIndex index.html
Allow from all

 

This is how our configuration looks like
01
02
03
04
05
06
07
08
09
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
<VirtualHost *:80>
ServerAdmin [email protected]
DocumentRoot J:/www/sarasoft/staticfiles/
ServerName sarasoft.com
ErrorLog logs/sarasoft-error.log
CustomLog logs/sarasoft-access.log common
</VirtualHost>
<Directory  />
AuthType Basic
AuthName sarasoftaccess
AuthUserFile bin/users
Require valid-user
DirectoryIndex index.html
Allow from all
</Directory>
<Directory  J:/www/sarasoft/staticfiles/>
AuthType Basic
AuthName sarasoftaccess
AuthUserFile bin/users
Require valid-user
DirectoryIndex index.html
Allow from all
</Directory>
Here we are enabling security for both  ROOT directory and Our Site's Document Root.

 

Step3
Restart the Web server and  Test it using the URL

http://localhost

Now you will be prompted for the password.

When you enter the correct password that you have saved at step1. You will be  able to see the page.

Thanks,
AKSARAV

More from Middleware Inventory

  • How to integrate weblogic and apache web server - Steps

    Weblogic and Apache Webserver integration To Integrate Weblogic Application server with Apache Webserver, We have to install weblogic plugin on the Apache HTTP Server. Plugins for Apache will be available on Oracle (or) you can find them in your weblogic installed location under " ServerRoot/server/plugins" Under plugins directory of weblogic server…

  • SSH without Password Key Based Authentication
    How to enable SSH Key based authentication - Passwordless SSH

    How to SSH without Password into remote Linux Server is the question that every Engineer working on Linux might have come across. Sometimes the Question we seek could be different like ssh command without password ssh to the remote server without password SSH without password from Shell Script SCP to…

  • Apache Reverse Proxy - What is it and How to Configure Reverse Proxy

    Introduction Proxy,  In general terms it means "a person who is authorized to act for another". In Server infrastructure, a Proxy Server do the same thing, It stands in for some other server, which should be kept away and hidden for so many reasons. Proxy servers are used for both legal…

  • Client IP Logging in IIS/Apache - Story of X-Forwarded-For Header

    We all at some point wanted to know who is accessing our web page. Our Source of information is the access log file. Sometimes we do not get what we expect to. In case if we want to know the exact client's IP.  Sometimes All you get is some network/firewall…

  • Ansible SSH Key transfer from one host to another - local and remote

    SSH Key-based authentication setup in LINUX (or) UNIX based OS is one of the major platform services related task and most frequently executed task by Unix admins. Ansible, An IT Automation tool could automate this tedious task as well. SSH Key based authentication is indispensable when it comes to automation. Even…