Frequently Asked Questions
UBC Mathematics: MathNet FAQ [Private Web Folder]



UBC Mathematics: MathNet FAQ [Private Web Folder]



Question: How do I create a password protected web folder?
Author: Joseph Tam, Thê´ Hà
Date: Feb. 7, 2012

If you need to set up a personal web folder, go to this FAQ entry:

I want a personal web page. What do I need to do to set one up?

This is the official document on how to make password protected web page:

http://httpd.apache.org/docs-2.0/howto/auth.html

Here are the simplified Unix command line instructions to make a password protected web folder:

  1. If it doesn't already exist, create the web folder that will hold the protected contents. For example,

    	mkdir /nfs/HomeWeb/myusername/private
    	cd /nfs/HomeWeb/myusername/private
  2. Within this web directory, create a file called
    .htaccess
    which should contain the following text:
    	AuthType Basic
    	AuthName "My Private Folder Title"
    	AuthUserFile /nfs/HomeWeb/myusername/private/.htpasswd
    	require valid-user

    The AuthUserFile parameter is the location of the your password file, which you can put in the same directory, if you don't have one. ".htaccess" is the usual name for this file.

  3. To populate your password file with users and passwords, use these commands:

    	# First user ...
    	htpasswd -mc .htpasswd fred
    
    	# Each additional user ...
    	htpasswd -m .htpasswd herman
    	htpasswd -m .htpasswd tilda
    	...
  4. Make sure your files and directories have the correct permissions. (See this FAQ entry for more information.

  5. Test this setup by browsing your private web folder:

    http://www.math.ubc.ca/~myusername/private/

Another method to distribute private contents is to encrypt your data (for example, use a password protected Zip archive), then put it into your public web folder and only tell the password to those you want to be able to access your data.

You could also put your data into an unlinked file and only reveal the secret URL to those who should have access to it. This is not very secure.

 
Top