Apache .htpasswd File

.htpasswd file

  • The .htpasswd file is used to store usernames and password for authentication on an Apache HTTP server.
  • It is also a simple text file.
  • The 'username' is in plaintext form and 'password' is stored in an encrypted form.
  • The 'username' is case sensitive. 'Amit' and 'amit' are two different usernames.

Creating .htpasswd file

If you create a new .htpasswd file in D: \dwnlds\SampleDir with username Amit.

Use following command

htpasswd -c D: \dwnlds\SampleDir\ .htpasswd Amit

Where,
    '-c' is used when creating a new .htpasswd file.

Configuring httpd.conf to allow authentication via .htaccess

  • Authentication is achieved by overriding the .htaccess files.
  • It is achieved through other types of configuration sections from the main configuration file httpd.conf.
  • Implementing authentication, insert authentication directives in a <Directory> section in the httpd.conf.
  • Only use .htaccess files whenever you don't have access to the main server configuration file.

    • Example : Implementing authentication via .htaccess file.

    AuthType Basic
    AuthName “Password Required”
    AuthUserFile /www/passwords/password.file
    AuthGroupFile /www/passwords/group.file
    Require Group admins