In case you want to protect a directory from public access, you can add Apache basic auth to it. This may be needed if you have a wordpress or some other software and want to keep some internal scripts behind auth. Here are quick steps to do this using Apache or .htaccess configuration.
Apache config for basic auth
Use the following code if you want to add basic auth to a location /internal which is served by directory internal inside Apache document root.
<Location /internal> AuthType Basic AuthName "Restricted Resource" AuthBasicProvider file AuthUserFile /etc/auth-file Require valid-user </Location>
htaccess config for basic auth
Use the following code in .htaccess in directory internal.
AuthType Basic AuthName "Restricted Resource" AuthBasicProvider file AuthUserFile /etc/auth-file Require valid-user
Using htpasswd to create auth user
To add/edit auth users to /etc/auth-file you can use the command line utility htpasswd. Here is the command you can use in case auth file /etc/auth-file is being created first time:
sudo htpasswd -c /etc/auth-file awstats
Incase file already exists:
sudo htpasswd /etc/auth-file awstats
View an auth protected url
When the above location is visited in browser, here is how the basic auth is asked by browser.
Any user and password mentioned in /etc/auth-file can be used for authentication.
Video version of the tutorial
Here is the video tutorial on same topic (courtesy Webucator – Online and onsite instructor led training classes). You may also want to checkout their Apache courses.
