Although most Web pages are designed for public use, there are situations when you need to protect certain Web pages and directories from the general public. For those situations, it's necessary to configure Apache to request authentication from the user or implement some other method to control user access. In this installment of my series on Apache, I will describe authentication and how to control user access.
There are only a few tasks that must be performed to restrict access to a Web directory. The first is to determine which directory and files are to be restricted and who will have access to them. For the users that you will permit access rights, you will need to set up a list of them along with their passwords. The second task will be to edit the Apache configuration file (httpd.conf) or a .htaccess file contained in the restricted directory. If you're not familiar with this configuration file, you may want to refer to a previous article that I wrote on Apache Basics.
By Russell J.T. Dyer at Unix Review.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.