Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Setting up Apache access restrictions per user UNIX
[Editor's note: .htaccess is a means of placing password protection on web sites, and pages within sites. digidoodle had been trying to get it working for each user's individual site on Mac OS X ... here's what he discovered]

I just submitted a question that has been nagging me for days about how to get .htaccess files working, and I just figured out the very simple answer.

I had been spending all my time messing with the setting in the main httpd.conf file, and then realized that in the private/etc/httpd/users directory is a small config file for each user.

This is the file where the following change needs to be made:

AllowOverride none changes to AllowOverride AuthConfig

Every other source I found on the web talked about altering httpd.conf, but changes to this will not effect the pages within any particular user folder. Hope this helps somebody else!

  • Currently 4.20 / 5
  You rated: 2 / 5 (5 votes cast)

Setting up Apache access restrictions per user | 5 comments | Create New Account
Click here to return to the 'Setting up Apache access restrictions per user' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
heres the instructions
Authored by: nutty on Apr 24, '01 02:14:20PM

thanks to John for the info

Here's how you do it:

1. su to root
2. cd to the directory where you want to keep the password file. store the file outside the stuff that's served out to the world, for obvious reasons
3. type "htpasswd -c filename username" where filename is the name of the file you want to create, and username is the name of the first username
4. type the password for that user
5. repeat steps 3-5 for each additional user, omitting the -c because you're no longer creating a new file
6. edit /etc/httpd/httpd.conf, perhaps using "pico /etc/httpd/httpd.conf"
7. Hit control-w and search for <Directory "/Library/WebServer/Documents/">
8. Scroll down to where it says "AllowOverride" and make sure that's set from "none" to "AuthConfig"
9. Exit Pico and save the config file.
10. cd to the directory you want to protect
11. type "pico .htaccess"
12. Enter the following info:

AuthType Basic
AuthName "blehbleh"
AuthUserFile /etc/httpd/accessconfig
Require valid-user

where the AuthUserFile is the location of the file you created in step 3. The value in AuthName is what will appear in the password dialog on the web client.

13. Exit pico and save the .htaccess file.
14. type "apachectl stop" to stop Apache.
15. type "apachectl start" to restart Apache.

[ Reply to This | # ]
One thing more...
Authored by: grotz on May 26, '01 03:02:27PM
This works fine for me, just so long as you are careful around steps 7 and 8: there are two examples of where you could change "AllowOverride" within httpd.conf -- fortunately they are very close to one another. You want to change the second one. I was terribly confused until I looked at httpd.conf again and changed it.

But thanks for the help! Now access permissions are a breeze!

[ Reply to This | # ]
One thing more... Apache Access Restriction and .htaccess
Authored by: druZiffer on Oct 15, '03 05:19:22AM

Had this error...

[Wed Oct 15 02:59:06 2003] [alert] [client] [[ CENSORED ]]: Invalid command 'AuthPAM_Enabled', perhaps mis-spelled or defined by a module not included in the server configuration

I am currentky modifying a version a cute little CGI that I am making DARWIN compatible... well, anyway - works with OS X... sooooo expect it in a day or 2...


[ Reply to This | # ]
Internal server error
Authored by: abenoni on Sep 17, '03 08:14:38AM
I tried this but when I try to enter the site I get a message: "Internal server error 500..." Any idea why? In the error_log it says that something is misspelled. I wonder if there is some mocule I have to enable. I had this error before when using a certain PHP module but I can`t remember which. In the catalogue that I want to protect I have this in the file .htaccess:
AuthType Basic
AuthName "Adminarea"
AuthUserFile /Libraray/WebServer/Documents/.htpasswd
Require valid-user
and the file .htpasswd is correctly saved in the location I have entered above.

[ Reply to This | # ]
Internal server error
Authored by: j0nathan on Nov 24, '03 12:03:55PM

You've spelt 'Library' wrong in the path ('Libraray'). If you've directly copied this code then that's probably the problem.

[ Reply to This | # ]