Restricting Access

It's important to realise that the servers are configured so that via the World Wide Web, any person from anywhere in the world at any hour can obtain any files in your web space. However there are two ways in which it is possible to restrict access. These are only available to clients with virtual domains

First Method

This way you can restrict access to a directory. For example to read http://www.albino.com/space/restricted/, you must enter the username bean and the password stalk

How do you do it?

 It's a little complicated - not for beginners:
  1. Write a file called .htaccess like this: 
    AuthUserFile /web/guide/albino/HTML/space/apples/.htpass
AuthGroupFile /dev/null
AuthName "'bean' and password 'stalk'"
AuthType Basic

<Limit GET POST>
require user bean
</Limit>
    Put the complete name of the directory where you are going to put the password file (.htpass) in place of /opt/web/guide/albino/space/apples/. Put whatever you want after AuthName and the desired user name instead of bean.

  2. Transfer the .htaccess file to the directory which you wish to restrict. You must transfer it in ASCII/text mode or it won't work.Once you have transferred it, you may find it seems to have disappeared because, files that begin with a dot are 'hidden' by the system. If you are using DOS or Windows, you may have trouble creating a file with the name .htaccess. In this case, call it htaccess.txt and change the name once you have transferred it. Also, this file must be written in text format, not in MS-DOS text format.

  3. Connect to your domain by Telnet, and create the directory where you want to put the password file (.htpass), and then change directory to this directory. For example: 
    mkdir apples
cd apples

  4. Type in the command to create the password file: 
    htpass -c .htpass bean
    Substitute the desired username forbean.

  5. The server will ask:

    Adding password for bean
    New password:     type in the password - it won't appear in the screen
    Re-type new password:     type the password again

This is the most basic configuration. There are more details at: NCSA Note that in our system, it is necessary to use the program htpass, not htpasswd. Remember that you won't be able to see these files from FTP, only with Telnet, typing ls -la.

This method only restricts access from the Web. Other users of the server will continue to have access to this directory. In order to protect you most confidential files, it is necessary to use the Second Method.

Second Method

With this method you can restrict reading files. For example, try to read: restricted.html. It's also possible to protect directories, but for total security you should protect both the directories and the files in them.
  1. Conect to your domain by Telnet
  2. Type chmod 700 file.htm or whatever it is.
Copyright 1996, Albino