When I was searching my internal wiki I stumbled upon some useful pages that I had written. Here is the first among many that I wrote.
There are two configuration steps which you must complete in order to protect a resource using basic authentication. Or three, depending on what you are trying to do.
- Create a password file
- Configure the Server to use the password file for processing authentication requests
Create a password file
htpasswd -c <location to password file> <username>
htpasswd -c /etc/apache2/.passwords sampleUser
htpasswd will prompt you to enter a password, and then ask you to confirm it. Note the use of the -c flag in the command shown above. This flag tells htpasswd to create the file /etc/apache2/.passwords. It is only required when you need to create a new password file. Subsequent users can be added to this password file without the -c flag. Note that using the -c flag with htpasswd on an existing file will clear the file’s contents completely and create a new one, so be careful when using this flag.
Please note that the command is htpasswd2 in SUSE Linux.
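One way to avoid the -c mistake described above is a small wrapper that passes -c only when the password file does not exist yet. This is an added example, not part of the original wiki page; the function names and the HTPASSWD override variable (set it to htpasswd2 on SUSE Linux) are assumptions.

```shell
#!/bin/sh
# Added example: never hand -c to htpasswd for a password file that already exists.
# HTPASSWD is an assumed override variable, e.g. HTPASSWD=htpasswd2 on SUSE Linux.

# Print "-c" only when the password file is missing (i.e. it must be created).
htpasswd_create_flag() {
    [ -e "$1" ] || printf '%s' '-c'
}

# Succeed if <user> already has an entry in <file> (exact match on the first field).
htpasswd_has_user() {
    [ -f "$1" ] && awk -F: -v u="$2" '$1 == u { found = 1 } END { exit !found }' "$1"
}

# Usage: add_basic_auth_user <password file> <username>
add_basic_auth_user() {
    file=$1
    user=$2
    [ -n "$file" ] && [ -n "$user" ] || {
        echo "usage: add_basic_auth_user <password file> <username>" >&2
        return 2
    }
    # ':' separates the fields of the password file, so it cannot be in a username.
    case $user in *:*) echo "username must not contain ':'" >&2; return 2 ;; esac

    flag=$(htpasswd_create_flag "$file")
    if htpasswd_has_user "$file" "$user"; then
        echo "note: replacing the existing password for $user in $file" >&2
    fi
    # $flag is deliberately unquoted: when empty it expands to no argument at all.
    "${HTPASSWD:-htpasswd}" $flag "$file" "$user"
}
```

After sourcing the file, `add_basic_auth_user /etc/apache2/.passwords sampleUser` prompts for the password as usual and can be repeated for further users without wiping earlier entries.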
Configure the Server
Once you have created the password file, you need to inform Apache about it, and also configure it to use this file in order to process user credentials for admission. This configuration is done with the following directives:
- Authentication type being used. In this case, it will be set to Basic
- The authentication realm or name
- The location of the password file
- The location of the group file, if any
- The requirement(s) which must be satisfied in order to grant admission
E.g.: Add these lines to your httpd.conf file, using a Directory tag with the full path you want to secure (the path shown here is a placeholder):
<Directory "/full/path/to/secure">
    AuthUserFile /etc/apache2/.passwords
    AuthName "This is a protected area"
    AuthGroupFile /dev/null
    AuthType Basic
    Require valid-user
</Directory>
Once the configuration is complete, restart Apache.