Apache allows you to password protect websites, directories and even individual files. Let us look at how to find apache password file location for user authentication.
Apache Password File Location
Here’s how to determine the Apache password file location. Before you proceed, please ensure that you have enabled mod_rewrite (.htaccess file) on your Apache server. Here’s how you can do it:
Creating a password file
If you have not set up password authentication yet, you can create a password file any where you want. However, it’s essential to keep it hidden by adding a dot (.) at the beginning of its filename
For example, you an create a password file named .htpasswd at /home/username/public_html/
$ sudo vi /home/username/public_html/.htpasswd
Once you have created and saved the file, you can add username & passwords to it with the htpasswd tool
$ sudo htpasswd -c /home/username/public_html/.htpasswd user1
In the above command, use ‘-c’ flag only the first time you add a user. It will ask you for username, password and a confirmation.
Change the ownership and permissions of the file to ensure that only Apache can access it.
$ sudo chown apache:apache /etc/httpd/.htpasswd $ sudo chmod 0660 /etc/httpd/.htpasswd
3. Set up Password Authentication
Update the .htaccess file at /var/www/html/.htaccess and add the Apache password file location
AuthName "Member Only" AuthType Basic AuthUserFile /home/username/public_html/.htpasswd require valid-user
Please remember to put the full absolute path of .htpasswd file’s directory (e.g /home/username/public_html/.htpasswd)
Save & Close the file. Restart Apache to apply changes
$ sudo apachectl restart
That’s it! You have enabled password authentication in Apache. If you are looking for Apache password file location, open the .htaccess file and look for line of code starting with “AuthUserFile…”