Tag: Apache
.htaccess – No Auth for local access/Auth for outside access
by Drew Dahl on Dec.28, 2009, under HowTo, Linux
For this, we’ll throw an .htaccess file into the directory you don’t want anyone to access that’s served via apache. For this, we’ll also have to have the following set for the directory in the httpd.conf file:
AllowOverides AuthConfig
Here’s what the .htaccess file should look like (with a few modifications for location and network if you need):
AuthType Basic
AuthName "Remote Auth"
AuthUserFile /var/www/html/.htpasswd
Require valid-user
Order deny,allow
deny from all
allow from 192.168.0
Satisfy any
AuthName "Remote Auth"
AuthUserFile /var/www/html/.htpasswd
Require valid-user
Order deny,allow
deny from all
allow from 192.168.0
Satisfy any
And then in the same directory, create the .htpasswd file by:
htpasswd -c .htpasswd username
Then when promptd, enter the password for that username. Make sure both files are owned by apache (or www-data if your webserver runs as such). Viola! It works.
(Note: To add more users that the htpasswd file, do the same command as above, without the -c)
