From Redbrick Wiki
Jump to navigation Jump to search


Redbrick's Webserver, apache, allows users to password protected certain sections of their websites via a method known as "htaccess".

This is done by creating a password file for authorized users and a .htaccess file in the directory which you would like to protect.

Setting a password

The password file comes first. To create a htaccess password file and assign an authorized user to it type:

htpasswd -c ~/passwd username

You can give the password file any name you like, just substitute the name you choose for passwd above. In this tutorial, references to passwd mean your password file. The value of username is the name of the user that you wish to grant access to. After running this command, you will be prompted to enter a password. This is the password that will be used by that user to gain access.

To allow the server access to query this file you will need to change its file permissions. Type the following into your terminal:

chmod 755 ~/passwd

Directory Creation

Next, you create a directory that will be protected by the password file you just made. For the tutorial, we will call this directory "secret", but you can call it whatever you want.

Type the following into your terminal:

mkdir ~/public_html/secret

Once again the correct permission must be set. Simply type the following into your terminal:

chmod 711 ~/public_html/secret

Now you're almost done.

.htaccess file

With the password file and protected directory in place all that remains is the .htaccess file to tie it all together. The .htaccess file is what will tell the Webserver that the directory is password protected and requires authorisation.

Change to your protected directory by typing:

cd ~/public_html/secret

Now type nano .htaccess to open the file in a text editor

Copy and paste the contents of the sample htaccess file into the editor, making the necessary modification to the AuthUserFile line, e.g.

AuthType Basic
AuthName "User Login"
AuthUserFile /home/member/g/gizmo/passwd
require valid-user

Note: keep the name of the file .htaccess - this is an actual file extension recognised by Apache and it must be used.

Lastly we need to set the permission on the file by typing:

chmod 644 .htaccess

htaccess & pubcookie

You can use your htaccess file with the RedBrick pubcookie system. With this you can restrict access to redbrick members. See PubCookie on Redbrick for more.


To test if the directory is protected correctly, type its url into a browser, eg:

If all works correctly you should now be prompted for a username and password to gain access. If you'd like to give access to another user, this is easily done using a similar command syntax to before:

htpasswd ~/passwd username

You'll be prompted to enter the new password twice as you were before. Once entered, the new user is active immediately and can gain access to the protected directory.

As always, you can contact Helpdesk if you have any problems.