When setting up a web server, there are often sections of the site that you wish to restrict access to. In order to restrict access to a certain page, a password-authentication will be used. In this guide, we will demonstrate how to password protect assets on an Apache web server running on Ubuntu 14.04.

First, you need to install the Apache Utilities Package.

  sudo apt-get update
  sudo apt-get install apache2 apache2-utils

source code hosted on GitHub

Next, you need to create the password file for the Apache Utilities to use.

  sudo htpasswd -c /etc/apache2/.htpasswd username

source code hosted on GitHub

You will be asked to supply and confirm a password for the user you just created.

You may view the username and encrypted password for each user:

  cat /etc/apache2/.htpasswd

source code hosted on GitHub

Next, all you need to do is to configure the Apache file for the access control.

  sudo vi /etc/apache2/sites-enabled/000-default.conf

source code hosted on GitHub

Add the following code to your Apache config file.

  <Directory /path/to/protect>
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
  </Directory>

source code hosted on GitHub

Now, you need to restart your Apache web server for it to take effect.

  sudo service apache2 restart

source code hosted on GitHub

To confirm that your content is protected, try to access your restricted content in a web browser. A login widget should pop up.

Wrapping Up

Hopefully this guide has helped you to solve your problem of adding simple password authentication using Apache Utilities. I hope that this tutorial has helped you and thank you for reading!

Resources

I’ll try to keep this list current and up to date. If you know of a great resource you’d like to share or notice a broken link, please let us know.

Getting started