Restrict Access to a Directory Within Your Website

Sat, 01/05/2010 - 19:00 — horuskol

If you want to restrict access to a specific directory, such as an administration section, you have a couple of options. First, you can drop a .htaccess file into the directory which you want to restrict and set it up like this:

AuthUserFile /var/www/your-website/.htpasswd
AuthType Basic
AuthName "Authentication Required"
 
Require valid-user

However, this isn't always a good idea - it spreads the configuration around into multiple locations, and could become confusing when it comes to maintaining the site, especially if you start finding odd conflicts arising out of the various configurations in different directories.

The second option is to set up configuration blocks in the .htaccess you have in the root of your website.

<Directory /var/www/your-website/admin/>
  AuthUserFile /var/www/your-website/.htpasswd
  AuthType Basic
  AuthName "Authentication Required"
 
  Require valid-user
</Directory>

Knowledge Builder
Apache HTTP Server
access
authentication
security

Printer-friendly version
Add new comment

Topics

Tags in Tags

Restrict Access to a Directory Within Your Website

User login

Syndicate