[04] CAN I PASSWORD PROTECT MY DIRECTORIES?

     Yes you can.  You can create usernames and passwords for
     directories using the 'htpasswd' command.

     Follow these steps first!

     1. Create a file called '.htaccess' in the directory you 
        want to protect (NOTE, its not a directory in your
        HOME directory, but on the /www file system). Double check with 'pwd -P'

        AuthUserFILE /www/path/to/directory/.htpasswd
        AuthGroupFILE /dev/null
        AuthNAME "my protected files"
        AuthTYPE Basic
        require valid-user
        <limit GET POST PUT>
        order allow,deny
        allow from all
        </limit>

     2. run the 'htpasswd' command, for the first time:

        /usr/pkg/sbin/htpasswd -c .htpasswd myuser1

        You will be prompted to enter a password for the 
        new user.  After this first user is created, you
        can then add additional users with:

        /usr/pkg/sbin/htpasswd .htpasswd myuser2

     When you run 'mkhomepg -p', file permissions will be set so that
     only yourself and the webserver can read, execute and possibly
     write.  This helps if you have a cgi that requires your mysql
     password to be stored in it.

back