Apache2 Basic Authentication Ubuntu

Virtual Host Configuration

To add basic authentication to an apache2 virtual host you need to add the following lines to the virtual host configuration.

AuthType Basic                                               (1)
AuthName "Private Documentation Repository"                  (2)
AuthUserFile /var/www/crock.norang.ca/.htpasswd-private      (3)
Require valid-user                                           (4)
  1. Set the Basic authentication method
  2. Provide a name for the location (optional)
  3. Specify the pathname to the file that contains usernames and passwords. The usual filename to use is .htpasswd
  4. Specify that only users that exist in the file are allowed access

The AuthUserFile should not be located in a directory served by apache2 since you do not want people to be able to download the contents of this file. This file contains the valid usernames and passwords. Example: Virtual Host Entry

<Directory "/var/www/crock.norang.ca/htdocs/private/">
    DirectoryIndex index.py
    AddHandler cgi-script .py
    Options Indexes FollowSymLinks MultiViews ExecCGI
    AuthType Basic
    AuthName "Private Documentation Repository"
    AuthUserFile /var/www/crock.norang.ca/.htpasswd-private
    Require valid-user
    AllowOverride None
    Order allow,deny
    allow from all

htpasswd file

The htpasswd file (var/www/crock.norang.ca.htpasswd-private’ in the example above) is created and maintained by the `htpasswd program. Use use this program to add or change password entries in the file.

Creating New Users

Example: Creating a new entry

$ htpasswd /var/www/crock.norang.ca/.htpasswd-private newuser
New password:
Re-type new password:

This prompts for the password for newuser and stores the encrypted password in the password file.

Example: Created password entry (part of the .htpasswd file)


Deleting Users

You delete users from the .htpasswd access file as follows

Example: Deleting user account newuser

$ htpasswd -D .htpasswd newuser

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s