2.7.1.1.5. Restricting access to files and directories using a login and password
Important points:
- Access restriction directives must be placed in the file .htaccesslocated in the protected directory.
- If using .htaccess access will be configured for static files and HTML pages, remove their extensions from list of static files.
Restricting access to a directory
require valid-user Authname "Basic Auth" Authtype Basic AuthUserFile "/home/name_account/.htpasswd"
The .htpasswd password file is a simple text file with the following structure:
user1:password user2:password
Where userX — username, password — his encrypted password.
It is recommended to place this file in a directory inaccessible through a browser (outside the site directory).
You can generate passwords here... You can encrypt the generated passwords here.
Access only to a specific file
require valid-user Authname "Protected" Authtype Basic AuthUserFile "/home/name_account/.htpasswd" <Files page.php> allow from all satisfy any </Files>
Where page.php — a file to which access should be made in a closed directory.
Access only to files with a specific extension
require valid-user Authname "Protected" Authtype Basic AuthUserFile "/home/yourlogin/.htpasswd" <Files *.cfg> allow from all satisfy any </Files>
Where .cfg — extension of files to which access will be made in the closed directory.
Access only to files with many specific extensions
require valid-user Authname "Protected" Authtype Basic AuthUserFile "/home/yourlogin/.htpasswd" <FilesMatch ".(gif|bmp|tiff|swf|flv)$"> allow from all satisfy any </FilesMatch>
Where gif, bmp, tiff, swf, flv — file extensions that will be open to access in the closed directory.