Howto use .htaccess for (example) password protection of your webpages

You can use .htaccess for:

 

  • Forwarding from one page to another
  • Access control
  • Set custom error message for different events

NOTICE: If you have activated support for FrontPage Extensions on your domain you can not use .htaccess, but must use FrontPage's own functions!

Introduction

The ".htaccess" file can be place in one or many folders on your virtual server. Originally the file was used to control access to a select number of folders on a server, but the newer versions of Apache has made it possible to control other properties from this file.

When your virtual server has to deliver/present a file it starts by looking for a .htaccess file in the main folder, and then checks each sub folder being parsed on its way to the folder containing the requested file. The contents of the last found .htaccess file determines how the file is presented. You can therefore place a standard .htaccess file in your main folder and password protect your entire website, or place a .htaccess file in a sub folder to protect just this branch of the folder tree.

Forwarding:

A single line in .htaccess is a good and simple way to forward a browser to another site or page on your website. This is very useful after a reorganization of your website.

For an example, if you have moved the file 

/holidaysnaps/index.html

to 

/photos/index.html

and want to help all the people who has a direct link or bookmark stored with the old file, you can simply but this line in your .htaccess file in the main folder:

Redirect /holidaysnaps/index.html http://your-domain.com/photos/index.html

Without this line the users would simply get an error page saying that the file doesn't exists.

Access control:

In the folder you wish to protect you must place a .htaccess containing something like: 

AuthUserFile /home/{user name from welcome letter}/.passwd
AuthName "Heading for the dialog box"
AuthType Basic
require valid-user

The accompanying .passwd file can for instance look like: 

webadmin:xHTZot3DBtJdI
vipkunde:eA9rs2QvRIecc

The password file can be created by using the web based file manager in the planet controller and enter the following line in the "Command" box: 

htpasswd -cb .passwd username password

and click on "Submit"

The above command will delete an existing password file or create a new one called ".passwd" and then append a user with the username and password supplied. To add a user to an existing file, you would use the command with a slightly different option: 

htpasswd -b .passwd username password

- as you might have noticed we simply left out the create flag "c".

For further information on the command "htpasswd" see: http://httpd.apache.org/docs/programs/htpasswd.html

Error messages:

The most common error message you encounter would properly be:

File Not found

The requested URL /someone/mistyped/a/link.html was not found on this server.

But must have also seen this one:

Oops:

Oops! You've found a bad link! Please consider starting from our top page and working down to the page you were looking for.

 

You can define these error messages by inserting a .htaccess file in the folder for whos branch you want them to work for. This means that if you want to define an error message for the entire site, you would make a .htaccess file in the main folder with a line like: 

ErrorDocument 404 http://www.your-domain.com/error404.htm

These pages often contain a link back to the page that referred to the error page, and possibly also displaying the complete url that was requested. It is rather easy to do with a little help from CGI or PHP, but that is beyond the scope of this little intr


Related Articles:
Use of SSH to connect to Linux servers
Category: Limit access