Requiring Userids for Secure Web Access

This is documented in full at

In short, in order to require WatIAM authentication before allowing access to specific webpage (and serve the page over a secure connection), you must first create a file .htaccess in the same directory as the html file containing the following four lines:

<Files filename>
   require valid-user
where filename is the name of the webpage you want to password protect. To require WatIAM authentication before allowing access to the files in a specific directory (and all its subdirectories), you must create a file .htaccess in that directory containing the following two lines without being enclosed in $lt;Files> tags:
require valid-user

Typically, this kind of protection is placed on a cgi-bin directory (i.e., ~/public_html/cgi-bin) which contains many if not all of the site's CGI programs. The web server will require that all such pages are accessed via the https:// protocol instead of http://, so make sure you set any links on your page accordingly.

*NB*: If anybody knows how to get http:// to forward to https:// automatically on appropriate pages, please document it here.

Please note that while the old Solaris web server required that the line PerlAuthenHandler Apache::AuthenURL be in the .htaccess file, the Linux web server requires you not to have it. The new web server also heavily dislikes lines such as the following which may have been held over:

AuthName "UWDir Authentication"
!AuthType Basic

See also:

Edit | Attach | Watch | Print version | History: r8 < r7 < r6 < r5 < r4 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r8 - 2010-10-13 - TerryVaskor
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback