Password lock a web page

From CVL Wiki

(Difference between revisions)
Jump to: navigation, search
(Option 2: VT PID)
Line 29: Line 29:
 
  require valid-user
 
  require valid-user
  
To allow only specific users, change the '''require valid-user''' to a space delimited list
+
To allow only specific users, change the '''require valid-user''' line to a space delimited list
 
  require user pid1 pid2 pid3
 
  require user pid1 pid2 pid3
  

Revision as of 07:57, 19 September 2014

To add password protection to your website hosted on the ECE webserver, you can create a HyperText Access file (.htaccess) in the directory that you want to password protect. This file will password protect all of the files (web pages) in that directory and all files in any subdirectories.

    • Please note that the file must start with a period "."

More information about .htaccess files here: https://httpd.apache.org/docs/2.4/howto/htaccess.html

There are two methods of password authentication that can be employed to protect your webpage.

Option 1: htpasswd

This is a flat file that sits in your home directory and contains a list of usernames and password hashes. You can use the htpasswd command to add users to the file.

  • We strongly recommend NOT putting the htpasswd file under the public_html folder, but instead in your home directory root. This prevents accidental access to the file via the website

Here is the format of the .htaccess file for this option

AuthType Basic
AuthName "Password Required"
AuthUserFile /home/<ECEUSER>/password.file
require valid-user

Option 2: VT PID

This option uses Virginia Tech's PID and password authentication. You can allow all valid PID's, or provide a list of specific usernames.

Here is the format of the .htaccess file for this option (all valid PID's)

AuthType Basic
AuthBasicProvider ldap
AuthzLDAPAuthoritative Off
AuthName "Virginia Tech ED-Auth (PID/pass)"
AuthLDAPURL ldaps://authn.directory.vt.edu:636/ou=People,dc=vt,dc=edu?uupid
require valid-user

To allow only specific users, change the require valid-user line to a space delimited list

require user pid1 pid2 pid3

Option 3: ECE Accounts

  • This option is untested!

This follows the same basic structure for Option 2, but uses the ECE ldap instead of the VT ldap

AuthType Basic
AuthBasicProvider ldap
AuthzLDAPAuthoritative Off
AuthName "ECE Account Credentials"
AuthLDAPURL ldap://auth.ece.vt.edu:/ou=people,dc=ece,dc=vt,dc=edu?uid
require valid-user
Views
Personal tools
Support