Quick and easy htpasswd restricted access

Ever wondered how to password protect a directory on your web server. This article will explain how its done.

I should warn the htpasswd files are quite insecure. If you are also using https then you should be fine, but with normal http your username & password are transmitted over the Internet in the clear. So in addition to these steps you’ll want to take others to really secure your site.

  1. Create a .htpasswd file and add its first user. This can go anywhere you like. I put mine in the actual directory I want to secure. The command might be
     htpasswd -c /foodotcom/restricted/.htpasswd adminuser
  2. Create a directory section for your secured directory
     <directory /foodotcom/restricted/> AuthType Basic AuthName "Whatever you want to appear in the dialog box" AuthUserFile [path to your .htpasswd file from step 1] require valid-user </directory>
  3. Test the new apache config to make sure it is valid syntax.
     apachectl checkconfig
  4. Restart apache
     apachectl restart

Multiple domains on the same sendmail server

The thoughts of running make to compile m4 macros to set up email for multiple domains got you down. Maybe there is an easier way. Read on.

I host this site on a machine generously donated by my good friend Kevin White up at kevinsworld.com. When I purchased linuxgems.com and wanted to use email I set up my dns and crossed my fingers. Unfortunately it didn’t work. Here is what I found I had to do to make it work.

The caveat, and this is a biggy, is that this does not automagically give you separate email systems. Sending an email to nobody@kevinsworld.com and nobody@linuxgems.com is the exact same thing. For our purposes this is fine, but for yours it may not be.

On our particular sendmail setup there is a file named /etc/mail/local-host-names. It contains the names of any hosts that send/receive from a particular machine. By default sendmail also appears to add the primary hostname of the machine. (Thats why kevinsworld.com works without needing an entry there.) All you have to do is add the names of any servers you are hosting to the local-host-names file. In my case it was linuxgems.com.

Then simply restart you sendmail service. On RedHat 7.3 the command is

/etc/init.d/sendmail restart

A more ideal setup seems to be significantly more work. Although, as a sendmail newbie, I may be mistaken.