Password lock a web page
From CVL Wiki
(→VT PID Login) |
|||
Line 1: | Line 1: | ||
− | + | To add password protection to your website hosted on the ECE webserver, you can create a HyperText Access file ('''.htaccess''') in the directory that you want to password protect. This file will password protect all of the files (web pages) in that directory and all files in any subdirectories. | |
− | + | **Please note that the file must start with a period "." | |
− | + | More information about .htaccess files here: https://httpd.apache.org/docs/2.4/howto/htaccess.html | |
− | + | There are two methods of password authentication that can be employed to protect your webpage. | |
− | + | ||
− | + | ||
− | =VT PID | + | ==Option 1: htpasswd== |
+ | This is a flat file that sits in your home directory and contains a list of usernames and password hashes. You can use the [https://httpd.apache.org/docs/2.2/programs/htpasswd.html htpasswd] command to add users to the file. | ||
+ | *We strongly recommend NOT putting the htpasswd file under the public_html folder, but instead in your home directory root. This prevents accidental access to the file via the website | ||
+ | |||
+ | Here is the format of the .htaccess file for this option | ||
+ | |||
+ | AuthType Basic | ||
+ | AuthName "Password Required" | ||
+ | AuthUserFile /home/<ECEUSER>/password.file | ||
+ | require valid-user | ||
+ | |||
+ | ==Option 2: VT PID== | ||
+ | This option uses Virginia Tech's PID and password authentication. You can allow all valid PID's, or provide a list of specific usernames. | ||
+ | |||
+ | Here is the format of the .htaccess file for this option (all valid PID's) | ||
AuthType Basic | AuthType Basic | ||
Line 17: | Line 29: | ||
require valid-user | require valid-user | ||
− | + | To allow only specific users, change the '''require valid-user''' to a space delimited list | |
+ | require user pid1 pid2 pid3 | ||
− | + | ==Option 3: ECE Accounts== | |
− | + | *'''This option is untested!''' | |
− | + | This follows the same basic structure for Option 2, but uses the ECE ldap instead of the VT ldap | |
− | |||
AuthType Basic | AuthType Basic | ||
− | + | AuthBasicProvider ldap | |
+ | AuthzLDAPAuthoritative Off | ||
+ | AuthName "ECE Account Credentials" | ||
+ | AuthLDAPURL ldap://auth.ece.vt.edu:/ou=people,dc=ece,dc=vt,dc=edu?uid | ||
require valid-user | require valid-user |
Revision as of 07:57, 19 September 2014
To add password protection to your website hosted on the ECE webserver, you can create a HyperText Access file (.htaccess) in the directory that you want to password protect. This file will password protect all of the files (web pages) in that directory and all files in any subdirectories.
- Please note that the file must start with a period "."
More information about .htaccess files here: https://httpd.apache.org/docs/2.4/howto/htaccess.html
There are two methods of password authentication that can be employed to protect your webpage.
Option 1: htpasswd
This is a flat file that sits in your home directory and contains a list of usernames and password hashes. You can use the htpasswd command to add users to the file.
- We strongly recommend NOT putting the htpasswd file under the public_html folder, but instead in your home directory root. This prevents accidental access to the file via the website
Here is the format of the .htaccess file for this option
AuthType Basic AuthName "Password Required" AuthUserFile /home/<ECEUSER>/password.file require valid-user
Option 2: VT PID
This option uses Virginia Tech's PID and password authentication. You can allow all valid PID's, or provide a list of specific usernames.
Here is the format of the .htaccess file for this option (all valid PID's)
AuthType Basic AuthBasicProvider ldap AuthzLDAPAuthoritative Off AuthName "Virginia Tech ED-Auth (PID/pass)" AuthLDAPURL ldaps://authn.directory.vt.edu:636/ou=People,dc=vt,dc=edu?uupid require valid-user
To allow only specific users, change the require valid-user to a space delimited list
require user pid1 pid2 pid3
Option 3: ECE Accounts
- This option is untested!
This follows the same basic structure for Option 2, but uses the ECE ldap instead of the VT ldap
AuthType Basic AuthBasicProvider ldap AuthzLDAPAuthoritative Off AuthName "ECE Account Credentials" AuthLDAPURL ldap://auth.ece.vt.edu:/ou=people,dc=ece,dc=vt,dc=edu?uid require valid-user