Password protect a Location, LocationMatch or VirtualHost in Apache (XAMPP and Mac OS X)

Protecting a Location or VirtualHost in Apache is very similar to protecting a folder as I explained in “Password protect a folder in Apache (XAMPP and Mac OS X)“. The first part is just the same, creating a file with the user and password you want to use with the htpasswd command. Again, remember to place this file in a folder where no one can download it from the server.

/Applications/XAMPP/xamppfiles/bin/htpasswd -c /Applications/XAMPP/etc/.htpasswd admin
New password: 
Re-type new password: 
Adding password for user admin

Then go to your configuration file where your , and/or tags are and add just the same configuration lines as we did for protecting a folder with .htaccess file. For example to protect the XAMPP special locations open /Applications/XAMPP/xamppfiles/etc/extra/httpd-xampp.conf file and add the lines in bold font:


    AuthName "Protected Area"
    AuthType Basic
    AuthUserFile /Applications/XAMPP/xamppfiles/etc/.htpasswd
    Require valid-user

    Order deny,allow
    Deny from all
    Allow from ::1 127.0.0.0/8 \
               fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
               fe80::/10 169.254.0.0/16

    ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var

To password protect a VirtualHost just edit the /Applications/XAMPP/xamppfiles/etc/extra/httpd-vhosts.conf file and add the same lines to your VirtualHost. For example:


    AuthName "Protected Area"
    AuthType Basic
    AuthUserFile /Applications/XAMPP/xamppfiles/etc/.htpasswd
    Require valid-user
    ServerAdmin webmaster
    DocumentRoot "/Users/user/Documents/Webs/test.local"
    ServerName test.local
    ServerAlias test.local
    ErrorLog "logs/test.local-error_log"
    CustomLog "logs/test.local-access_log" common
    DirectoryIndex index.php index.html index.htm
    
        #IndexOptions +FancyIndexing NameWidth=*
        #Options Includes FollowSymLinks Indexes
        AllowOverride All
        Order allow,deny
        Allow from all
    
Leave a comment ?

0 Comments.

Leave a Comment