Monday, February 18, 2008

Apache Web Log-in Authentication (Password File) Part II

Flexible password protection by group access permissions:

This example differs from the previous example in that it allows for greater control and flexibility by using groups.

Password files:

1. Create a file named .htgroup in the membersonly directory that contains the group name and its list of users:

member-users: user1 user2 user3 ... etc


Where member-users is the name of the group.

2. Modify .htaccess in the membersonly directory so it looks something like:

AuthName "Add your login message here."
AuthType Basic
AuthUserFile /home/domain/public_html/membersonly/.htpasswd
AuthGroupFile /home/domain/public_html/membersonly/.htgroup
require group member-users


3. Create the password file .htpasswd using the htpasswd program for each user, as above. The -c option creates a new file (an existing file is overwritten), so use it only for the first user and omit it when adding more users to the same .htpasswd file.

htpasswd -c /home/domain/public_html/membersonly/.htpasswd user1
htpasswd /home/domain/public_html/membersonly/.htpasswd user2
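
A consistency check for the files built in steps 1 to 3, as an added example that is not part of the original post: it lists group members with no password entry (they can never log in), password entries outside the group, and entries stored as unsalted {SHA} or DES crypt. The function names and the sample file contents are constructed for illustration.

```python
import re

SAMPLE_HTGROUP = "member-users: user1 user2 user3\n"  # constructed sample data
SAMPLE_HTPASSWD = (  # constructed placeholders, not real password hashes
    "user1:$apr1$CONSTRUCTED$placeholderplaceholder\n"
    "user2:{SHA}CONSTRUCTEDplaceholder=\n"
    "user4:ab0123456789x\n"
)
PREFIXES = (("$2y$", "bcrypt"), ("$apr1$", "apr1-md5"), ("{SHA}", "sha1-unsalted"))

def _entries(text):
    """Yield (name, rest) for each non-blank, non-comment 'name:rest' line."""
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and ":" in line:
            name, rest = line.split(":", 1)
            yield name.strip(), rest.strip()

def parse_htgroup(text):
    """Return {group: set(users)}; repeated group lines accumulate."""
    groups = {}
    for name, rest in _entries(text):
        groups.setdefault(name, set()).update(rest.split())
    return groups

def parse_htpasswd(text):
    """Return {user: stored_hash}."""
    return dict(_entries(text))

def hash_scheme(stored):
    """Classify a stored hash by the prefix htpasswd writes."""
    for prefix, name in PREFIXES:
        if stored.startswith(prefix):
            return name
    return "des-crypt" if re.fullmatch(r"[./0-9A-Za-z]{13}", stored) else "other"

def audit(htgroup_text, htpasswd_text, group):
    """Compare one group's members with the password file."""
    members = parse_htgroup(htgroup_text).get(group, set())
    users = parse_htpasswd(htpasswd_text)
    weak = {"sha1-unsalted", "des-crypt"}  # unsalted, or only 8 chars used
    return {
        "no_password": sorted(members - set(users)),
        "not_in_group": sorted(set(users) - members),
        "weak_hash": sorted(u for u, h in users.items() if hash_scheme(h) in weak),
    }

if __name__ == "__main__":
    print(audit(SAMPLE_HTGROUP, SAMPLE_HTPASSWD, "member-users"))
```
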


Restrict access based on domain or IP address:

Allow specified domain to access site:

Order deny,allow
Deny from all
Allow from allowable-domain.com
Allow from XXX.XXX.XXX
Deny from bad-domain.com

Specify the first three (or one, or two, ...) octets of the IP address that define the allowable domain.


Placing Authentication directives in httpd.conf exclusively instead of using .htaccess:

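The purpose of the "distributed configuration file" .htaccess is to let users control authentication themselves. The same directives can instead be set in the Apache configuration file httpd.conf WITHOUT using a .htaccess file. This can improve server performance, as the server will not have to look for the .htaccess file in each subdirectory. Note that Apache skips that lookup only for directories where AllowOverride is set to None; with any other AllowOverride value, a .htaccess file in the directory is still read.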

File: httpd.conf (portion)

...

<Directory /home/domain/public_html/membersonly>
AllowOverride AuthConfig
AuthName "Add your login message here."
AuthType Basic
AuthUserFile /home/domain/public_html/membersonly/.htpasswd
AuthGroupFile /dev/null
require user name-of-user
</Directory>

...

