|
Page 2
Step 1
First we need to connect to your web server with CuteFTP Pro, and create a directory. For this tutorial were going to assume it's called "protected."
Use your ftp program to login to your server. If you have not messed with the CuteFTP Pro's default settings, it should go straight to your web root. This is the directory with you index.html page in it. We need to create a folder called protected in this location. Case does matter since UNIX is a case-sensitive OS.
Note: If you need help using your ftp client, consult your documentation or ask in the GF news groups. If you use Cute Ftp® Pro visit here or ask in our newsgroup dedicated to GlobalScape® Products.
Step 2
If your host provides an easy way to password protect directory's in your hosting control panel, then I suggest you use it. If not, now is where TextPad® comes in. Open TextPad®: it will automatically start a new document for you. From the file menu chose "save as" and chose "All Files" and "UNIX" from the drop downs. Name it .htpasswd. Save it some place you'll remember. For the user name were going to use demo and for the password were going to use demo.
Step 3
To create the contents go here. This web page generates the encrypted password for you and gives you the properly formatted user name and password. Copy the results from the web page, and paste into your newly created .htpasswd file.
This is what you should get:
demo:43nWqVQbGyoG2
Place it on the first line in your .htpasswd file. Make sure to save it. Now go ahead and close the file. TextPad® should automatically open a new document for you.
Step 4
From the file menu chose "save as" and chose "All Files" and "UNIX" from the drop downs. Name it .htaccess. Save it some place you'll remember.
Enter the two following chunks of code into the file.
This chunk prevents the file from being viewed thru a browser.
|
<Files .htaccess>
order allow,deny
deny from all
</Files>
|
 |
|
|
This chunk is what force the user to login.
|
AuthUserFile /usr/local/you/somedir/.htpasswd
AuthGroupFile /dev/null
AuthName Demo Protected Space
AuthType Basic
require user demo
|
|
|
|
The first line(AuthUserFile) must point to a path outside of your web root. It must be the "System" path to .htpasswd. Check with your hosting provider for that path.
The reason behind having the .htpasswd file outside of your web root is to keep users from pointing there browser to it and reading the file. The Chmod command could do this, but this is an extra security precaution.
The third line should be a descriptive name like "Company Phone Listing" or "Employee Documents" or whatever you're trying to protect. This helps people remember the user name and password if more than one directory is protected by by different user name and passwords.
The last line should be the user name you want everybody to use to access this directory.
Note that using this will allow only that specific user to be able to access that directory. This applies if you had an htpasswd file that had multiple users setup in it and you wanted each one to have access to an individual directory. If you wanted the entire list of users to have access to that directory, you would replace Require user xxx with require valid-user.
Your completed .htaccess should look very similar to this:
|
<Files .htaccess>
order allow,deny
deny from all
</Files>
AuthUserFile /usr/local/you/somedir/.htpasswd
AuthGroupFile /dev/null
AuthName Demo Protected Space
AuthType Basic
require user demo
|
|
|
|
Click the Next button below to continue.
|
