{{tag>webserver apache}}

====== Password protect site with htaccess in Apache ======
===== Create the Password File =====



    apt-get install apache2-utils
    htpasswd -c /etc/apache2/.htpasswd <username>

===== In vhost conf add: =====

    AuthType Basic
    AuthName "Restricted Content"
    AuthUserFile /etc/apache2/.htpasswd
    Require valid-user

==== Example protecting the directory: ====


    <Directory /var/www/example>
            AllowOverride All
            Options FollowSymlinks
            AuthType Basic
            AuthName "Restricted Content"
            AuthUserFile /etc/apache2/.htpasswd
            Require valid-user
    </Directory>
    
 ==== Example protecting the URL: ====

    <Location /admin>
        AuthUserFile /var/www/htpasswd/.htpasswd
        AuthName "Password Protected Area"
        AuthType Basic
        Require valid-user
    </Location>

Do it for both non-ssl and ssl vhost configuration

====== Check conf and reload web server ======

  apachectl -t
  systemctl reload apache2


====== See also ======
  * [[wiki:password_protect_nginx_site|Password protect nginx site]]
  * [[wiki:download_file_apache_website_by_sending_custom_header|Download file from apache website by sending custom header]]

====== References ======
  * https://www.digitalocean.com/community/tutorials/how-to-set-up-password-authentication-with-apache-on-ubuntu-14-04
  * https://tecadmin.net/how-to-secure-specific-url-in-apache/