jump to navigation

Basic HTTP Authentication with Apache’s .htaccess file May 25, 2011

Posted by Tournas Dimitrios in PHP.

My previous article demonstrated how to implement a basic authentication mechanism on your web-pages with PHP  . Authentication can also be achieved on the server deamon level (httpd) with the help of the well known “.htaccess” file .  On an hosting environment an developer has no access on the web- server’s central configuration file ( httpd.conf) , so any configurations can be applied by iniset()  statements inside the PHP file or with directives inside an .htaccess file .

Each directory that contain a .htaccess file, and all it’s sub-directories , will inherit all the options that are listed inside this file . Most importantly  the web-server doesn’t need to be restarted , each time a modification on the .htaccess file needs to be done .
A practical use for our .htaccess files is to allow access to only specific users, or user groups, in other words; password protected folders. a simple authorisation mechanism might look something like this..

AuthUserFile "C:/Program Files/wamp/www/Book/.htpasswd"
AuthName "Server"
AuthType Basic
Require valid-user

The file “.htpasswd” will contain the username/password  credentials in the form -> username:pass
You can find loads of online examples of how to setup authorization using .htaccess .

This is the directory structure :




No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s