Simple Password Protection

One of the most commonly asked questions is how to password protect a directory on an individual account. Please read the following information to setup password protection on your account. Note: you should have an understanding of certain UNIX commands to properly setup. If you do not, click back and read through the UNIX tutorial section if you do not know how to telnet or run the unix commands listed below.

You will need to determine what directory you want password protected. Once you have determined this, use your telnet program to log onto the server. use the cd command to go to the directory you wish to password protect. If the directory does not exist yet, use the mkdir command to create a new directory and cd into it. Two files are necessary for password protecting the directory. These files are .htaccess and .htpasswd. From the prompt, type pico .htaccess. This opens the editor. you now need to write the file. Below is an example of what the .htaccess file will look like. For the example, we will use xxxsite as the account name and secret as the directory to protect.

AuthUserFile /usr/home/xxxsite/.htpasswd # Name for this password-protected database: AuthName "XXXSITE Members" AuthType Basic <limit GET> require valid-user </limit>
You can make edits to this and simply cut and paste into the pico program.

You will need to replace the "xxxsite" and the "secret" with your account name and the directory you want to protect. Naturally, if you choose to put your .htpasswd file somewhere else, you simply change the first line to reflect the full path. Now that you have entered the above here, hit ctrl+x to exit. It will ask if you want to save or not. Choose yes and then hit enter. Your .htaccess file has now been written. Now we are ready to create the .htpasswd file. Simply type touch .htpasswd from the telnet prompt. You have created your .htpasswd file. For your final steps, you need to create one more file using the pico command. This file, called addpw will be your tool for adding new users to the .htpasswd file. Decide where you want to have this file located and move to that directory. Type pico addpw to begin creating the file. You can simply do a cut and paste with the info below.

#!/usr/bin/perl if (scalar(@ARGV) < 2) { print <<EOF; usage: addpw <DBMfile> <user> <password> EOF exit; } $salt="XX"; $file=$ARGV[0]; $key=$ARGV[1]; $value=$ARGV[2]; if ($file && $key && $value) { $hash = crypt($value, "$salt"); open(DB, ">>$file") || die "Error: $!\n"; $hash .= ":$group" if $group ne ""; $value .= ":$group" if $group ne ""; print DB "$key:$hash\n"; close(DB); print "User $key added with password $value, encrypted to $hash\n"; exit; }

Now that you copied the information, hit ctrl+x to exit. Choose yes to save and hit enter. You have now completed all three files needed. Next we need to set the permissions correctly. You will need to chmod 700 addpw from the directory your addpw file is located. This will make the file executable by you alone. If you created all three of these files in the same directory you will be able to see them by typing ls -al from the prompt.
Your directory should look something like this after typing the ls command:

drwxr-xr-x 2 xxxsite user 512 Jan 6 13:10 .
drwxr-xr-x 4 xxxsite user 512 Jan 6 09:46 ..
-rw-rw-r-- 1 xxxsite user 189 Jan 6 12:41 .htaccess
-rw-rw-r-- 1 xxxsite user   0 Jan 6 13:10 .htpasswd
-rwx------ 1 xxxsite user 562 Jan 6 12:51 addpw
bj: {11} %

You are now ready to add a new login and password. from the same directory the addpw file is located, type in:
./addpw .htpasswd login passwd
Replace login and passwd with the login and password you want created. If your .htpasswd file is located in a different directory, be sure to type the full path to the .htpasswd file. here is an example:
./addpw /usr/home/xxxsite/public_html/secret/.htpasswd login passwd
Either way, the output you should get will be the following if setting up a login xxxsite with a password of myporn:

bj: {11} % ./addpw .htpasswd xxxsite myporn
User xxxsite added with password myporn,
encrypted to XXmWbMfoKC4N2
bj: {12} %

Thats it! Test it out, you should be asked for a login and password and allowed access with a correct login/password if you did everything correctly.