Apache Access Control

Post date: Apr 28, 2009 12:27:41 PM

I use MAMP to emulate an Apache web server on my laptop. Although my local webpages are for intranet local use only, producing a first level access control, I may have sometimes the necessity to protect the access to particular content.

More info can be found here: http://httpd.apache.org/docs/1.3/howto/auth.html

I found a lot of posts in user forums to talk about .htaccess file with MAMP not working.

Here is the procedure that work for my configuration:

Create a username/password pair with the command:

htpasswd -c /Applications/MAMP/Library/.htpasswd johndoe

The password for the user johndoe is encrypted and placed in the hidden file .htpasswd under the MAMP Library folder.

Note that the "-c" option will the create the password file or replace an existing one, don't use this option to add a username to the already existing password file.

Then in the directory you want to protect create a hidden file .htaccess which contains:

AuthUserFile .htpasswd

AuthGroupFile /dev/null

AuthName "Password Protected Area"

AuthType Basic

<limit GET POST>

require valid-user

</limit>

Now in your browser, accessing the folder where you put the .htaccess file should require the login/password pair.