how do I configure htaccess files in EACH folder I want to protect ?

November 17, 2016 123 views
Apache Debian

How do I configure apache2 so it will use htaccess files in each folder I want to protect ? Each folder represents a user and I want to configure each user separately and without having to modify the global httpd.conf file. I've placed the following into a .htaccess file in one folder, the name-1 folder, but I get the error message, "this web site does not require authentication" when I try to access the folder:

    AuthType Basic
    AuthUserFile /srv/auth/name-1/.htpasswd
    AuthGroupFile /dev/null
    AuthName "Enter user name and password, for demo cameras, enter demo and 12345"
    Require valid-user

I've created the htpasswd file identified in line 2, and I've enabled htaccess in apache2.conf.

Note that I only want to protect certain folders, so some folders will be protected, but others, not. This all worked when I configured httpd.conf for each folder I wanted to protect, without using htaccess files, but stopped working when I switched to control via htaccess files in each folder.

1 Answer

In order to use .htaccess files for Basic Authentication you will need to make sure that in your Apache configuration you've set AllowOverrride All. Check your virtualhost configuration in /etc/apache2/sites-enabled Without this setting, .htaccess files are not allowed to override default settings on a per directory basis.

Example:

<Directory /var/www/html/>
        Options Indexes FollowSymLinks
        AllowOverride All
</Directory>
Have another answer? Share your knowledge.