Spiga

Showing posts with label web security. Show all posts
Showing posts with label web security. Show all posts

Password Protection Using .htaccess File

Thursday, December 25, 2008 at 1:14 PM Posted by SONU MISHRA

Password Protection Using .htaccess File:.htpasswd

We can use the .htaccess file as a password protection.To do this we need to add few lines in the .htaccess file.Add the following below lines in the file.


1)Replace "Section Name" with the name of the part of the site you are protecting.
2)Change /full/parth/to/.htpasswd to the full server path to the .htpasswd file.

Now write the file .htpasswd.To do this make a text file and write and save it as .htpasswd.Store this file anywhere within the website (as the passwords are encrypted) but it is advisable to store it outside the web root so that it is impossible to access it from the web.

Once you have created your .htpasswd file (you can do this in a standard text editor) you must enter the usernames and passwords to access the site. They should be entered as follows:

username:password

The password must be in encrypted form.For this do this:

1)To create the .htpasswd file, use the htpasswd command with the following format:
htpasswd [-c] .htpasswd {username}

After executing this command password,you will be asked to enter the password and it will store the password in the file.
Thats all the file is ready and you are ready to implement the file.

Labels: , , 0 comments

What is .htaccess file

Monday, December 8, 2008 at 10:22 PM Posted by SONU MISHRA


What is .hatccess file

.htacess stands for HyperText Access file.This is the default name of configuration file in the server side.It can also be placed in the directory whose security we want as it provides the ability to customize configuration for requests to the particular directory.

Although .htaccess is only a file, it can change settings on the servers and allow you to do many different things, the most popular being able to have your own custom 404 error pages. .htaccess isn't difficult to use and is really just made up of a few simple instructions in a text file.

.htaccess files are often used to specify the security restrictions for the particular directory, hence the filename "access." The .htaccess file is often accompanied by an .htpasswd file which stores valid usernames and their passwords.

Use of .htaccess file

1)Authorization and Authentication.
.htaccess files are often used to specify the security restrictions for the particular directory, hence the filename "access." The .htaccess file is often accompanied by an .htpasswd file which stores valid usernames and their passwords.
2)Customized error responses
Changing the page that is shown when a server-side error occurs, for example HTTP 404 Not Found.
These are some of the most common errors:

401 - Authorization Required
400 - Bad request
403 - Forbidden
500 - Internal Server Error
404 - Wrong page
3)Cache Control
.htaccess files allow a server to control User agent caching used by web browsers to reduce bandwidth usage, server load, and perceived lag.
4)Rewriting URLs
Servers often use .htaccess to rewrite "ugly" URLs to shorter and prettier ones.

Labels: , , 1 comments

Subscribe to: Posts (Atom)