It's important to realise that the servers are configured so that
via the World Wide Web, any person from anywhere in the world at any hour can
obtain any files in your web space. However there are two ways in
which it is possible to restrict access. These are only available to clients with virtual domains
This way you can restrict access to a directory. For example to read
you must enter the username bean and the password stalk
How do you do it?
It's a little complicated - not for beginners:
This is the most basic configuration. There are more details at:
Note that in our system, it is necessary to use the program htpass, not htpasswd. Remember that you won't be able to see these files from FTP, only with Telnet, typing ls -la.
- Write a file called .htaccess like this:
AuthName "'bean' and password 'stalk'"
<Limit GET POST>
require user bean
Put the complete name of the directory where you are going to put the password file (.htpass) in place of
/opt/web/guide/albino/space/apples/. Put whatever you want after
AuthName and the desired user name instead of
- Transfer the .htaccess file to the directory which you wish to restrict. You must transfer it in ASCII/text mode or it won't work.Once you have transferred it, you may find it seems to have disappeared because, files that begin with a dot are 'hidden' by the system. If you are using DOS or Windows, you may have trouble creating a file with the name .htaccess. In this case, call it htaccess.txt and change the name once you have transferred it. Also, this file must be written in text format, not in MS-DOS text format.
- Connect to your domain by Telnet, and create the directory where you want to put the password file (.htpass), and then change directory to this directory. For example:
- Type in the command to create the password file:
htpass -c .htpass bean
Substitute the desired username for
- The server will ask:
Adding password for bean
type in the password - it won't appear in the screen
type the password again
Re-type new password:
This method only restricts access from the Web. Other users of the server will continue to have access to this directory. In order to protect you most confidential files, it is necessary to use the Second Method.
With this method you can restrict reading files. For example, try to read:
restricted.html. It's also possible to protect directories, but for total security you should protect both the directories and the files in them.
- Conect to your domain by Telnet
chmod 700 file.htm or whatever it is.
Copyright 1996, Albino