Webserver - .htaccess Files - Ece

Webserver - .htaccess Files

From Ece

(Redirected from Webserver - Htaccess Files)
Jump to: navigation, search

To limit access to web pages in the ECE environment, you can use htaccess files. To create an htaccess file, create a new file, called .htaccess, in the directory that you wish to protect. Please notice that the filename begins with a period. Inside the file, you will have lines that tell the server how you want users to authenticate and who can have access. Below you will find recipes for creating htaccess files.

Example htaccess file to allow certain ECE users or groups access to a web page:

The following example should be used when the webpage needs to be limited to certain people or groups of people who already have an ECE account. 

AuthLDAPURL ldap://ldap.ece.msstate.edu/ou=people,dc=ece,dc=msstate,dc=edu?uid
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
AuthName "Secure Webpage"
AuthType Basic
require ldap-user ECEUSER
require ldap-group cn=ECEGROUP,ou=groups,dc=ece,dc=msstate,dc=edu

In the example above, replace ECEUSER with the ECE user ID for the person you wish to have access. Duplicate the "require ldap-user" line for each person you wish to have access.

For group access, replace ECEGROUP, in the example above, with the ECE group you want to have access. This line can be duplicated as many times as you need to list all the groups you need.

Example htaccess file to allow a specific user to access a page:

The following example should be used when the webpage needs to be limited with a username and password that will be shared by several people. In this case, the username isn't related to an ECE account. The username can be anything that you wish to use.

  • First create a password file that will store the username and password that you plan to use to secure the page. The htpasswd command is available on the Yavin server. 
htpasswd -c htpasswd USERNAME

Replace USERNAME with the username you wish to use to authenticate. In this example the password file is called "htpasswd". You can use a different name, but you will need to use that name in the config files below. The htpasswd program will ask for you to enter the password you want to use.

  • After creating the password file, you need to create a ".htaccess" file in the directory. The contents of the file should be: 
AuthName "Secure Webpage"
AuthType Basic
AuthUserFile DIRETORYPATH/htpasswd
require user USERNAME

Replace USERNAME with the same username you created with the htpasswd command. Replace DIRECTORYPATH with the path to the password file.

Retrieved from "http://www.ece.msstate.edu/wiki/index.php/Webserver_-_.htaccess_Files"