Apache .htaccess for website password authentication

Quick notes… the ones that you are probably forgetting if you’re not using it….

Go inside your website folder website

Create a .htaccess file with the below content

AuthUserFile /var/www/website/.htpasswd
AuthGroupFile /dev/null
AuthName "Work forms"
AuthType Basic
require valid-user

Make sure the permissions are set correctly:

chmod ugo+r .htaccess

Then, create the user and the password:

htpasswd -c /var/www/website/.htpasswd your_user

Please note that the -c is to “create” the file. If you want to add other users, just remember to remove that flag or the file will be overwritten

In the VirtualServer section, make sure to have this:

<Directory "/var/www/<website>">
AllowOverride AuthConfig
</Directory>

Restart apache and… it should work 😛