Operating Systems and Systems Integration

How to create a password protected directory on a web server
How to do it: 1. Edit the web server configuration file /etc/httpd/conf/httpd.conf (in emacs, select Files→Open File). 2. Add the following to the end of the web server configuration file: <Location /secret> AuthType Basic AuthName "Web Administrator" AuthUserFile /etc/httpd/conf/passwd require valid-user </Location> 3. Create the password file by: (a) cd /etc/httpd/conf (b) sudo htpasswd -m -c passwd username 4. Add more users to the password file with sudo htpasswd -m passwd other-username 5. Check the syntax of the configuration file with: httpd -t You should see “Syntax OK”. If not, check your editing of the web server configuration file. 6. Restart the server with sudo /etc/rc.d/init.d/httpd restart 7. Create a secret directory with cd /var/www/html sudo mkdir secret Now copy a secret html file into that directory. Call it index.html 8. Type in the URL of your own computer, or use its “loopback” address: http: //localhost/secret/ 9. If no success, do this: tail -f /var/log/httpd/error log 10. Now do the same again with a different directory, using digest authentication. Read the documentation for Apache, which is available online on your computer at: http: //localhost/manual/. To look up information about digest authentication, you can go to the link to Modules: By Type from that page, then go to Access Control, then select the module mod digest. You will need to enable the mod digest Apache module by uncommenting the lines:
Nick Urbanik <nicku@vtc.edu.hk> ver. 1.5

How to create a password protected directory on a web server Operating Systems and Systems Integration

2

LoadModule digest_module and AddModule mod_digest.c

modules/mod_digest.so

in /etc/httpd/conf/httpd.conf, then restart Apache. Demonstate to your tutor.

Nick Urbanik <nicku@vtc.edu.hk>

ver. 1.5