Apache allows you to password protect directories, sub folders and even your entire website. This is useful in case you don’t want your website (or parts of it) to be accessed by unauthorized users. Let us take a look at how to set up password authentication with Apache on CentOS.
How To Set Up Password Authentication With Apache on CentOS
Before we proceed, please ensure that you have installed Apache on CentOS.
1. Enable .htaccess Authentication
By default, Apache doesn’t allow you to use .htaccess file. So we need to enable it. .htaccess allows you to change the Server configuration without accessing its config files.
To do this, open Apache’s config file (one time) in a text editor
$ sudo nano /etc/httpd/conf/httpd.conf
Look for the line <Directory “/var/www/html”> and change AllowOverride none to AllowOverride AuthConfig
Save and close the file
2. Create password file
Next, we create a password file using the htpasswd tool. It allows you to store usernames and encrypted passwords of users who have authorization.
For this, we will create a hidden file .htpasswd in /etc/httpd/ folder. You can name this file anything you want. Just make it hidden by adding a dot (.) in front of it.
Let’s create the file with user1 in it
$ sudo htpasswd -c /etc/httpd/.htpasswd user1
You will be asked to provide a password and confirm it.
Use ‘-c’ flag only the first time while creating the file. To add more users (e.g user2) don’t use it.
$ sudo htpasswd /etc/httpd/.htpasswd user2
After you have added all the required users, you can view the file
$ sudo cat /etc/httpd/.htpasswd
You’ll see a list of usernames and encrypted passwords
user1:$sahubekjeiuehfjkeEJenj3nrkrnugJ/
user2:$jk234bh3rbjhrbB8k3b3hb3bMH1
Next, change the ownership of this file to allow Apache to access it. Also, change its permission to make it secure.
$ sudo chown apache:apache /etc/httpd/.htpasswd
$ sudo chmod 0660 /etc/httpd/.htpasswd
3. Set up Password Authentication in Apache
Next, we create a .htaccess file in the directory that we want to password protect. If you want to restrict your entire website, place it at the website root folder (/var/www/html)
$ sudo nano /var/www/html/.htaccess
Add the following lines:
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /etc/httpd/.htpasswd
Require valid-user
Save and close the file. Restart Apache to apply changes
$ sudo apachectl restart
4. Test Password Authentication
To test the password authentication, simply open your web browser and go to your website (example.com). If it is on localhost, then go to http://192.168.0.1
You’ll see the following authentication form, which asks you for username and password
If you enter the right details, you’ll see the requested URL.
If you hit Cancel or provide incorrect details, then you’ll see the “Unauthorized” error message.
Congratulations! You have set up password authentication with Apache on CentOS.