It can be done with .htaccess file, but in linux modifying httpd.conf, if you can access, seems more efficient:
just below:
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
Allow from 127.0.0.1
adding some lines like the following:
# blab blab …
<Directory “/path to you website/the directory you want to control”>
Order deny,allow
Deny from All
#Allow from 127.0.0.1
AuthType Basic
AuthName “Password Required”
AuthUserFile “/somewhere/your passwd file”
Require valid-user
# AuthGroupFile /www/passwords/group.file
# Require Group admins
Allow from 127.0.0.1
Satisfy Any
</Directory>
then in xterm, use htpasswd command:
htpasswd “passwdfile” username
at the prompt, input the password
That’s it.
from https://help.ubuntu.com/community/MythWeb
A Little More Secure
This is assuming you are running Ubuntu 8.04, Apache2 have MythTV and MythWeb installed and working correctly. Instead of using htpasswd to generate the passwords we are going to use htdigest. We will also make it so that when accessing MythWeb from your local network you won’t need to authenticate.
Enable htdigest authentication in Apache
* Enter this at the command line:
sudo a2enmod
When prompted for what module you want to enable enter:
auth_digest
The reason we use auth_digest is that it provides a little more security than basic (auth_basic).
Create your password directory
*
We are going to store the password file in the /etc/apache2/passwd directory. The passwd directory will not exist so we will need to make it. We are storing the passwords in this directory because this is not a directory that apache will serve out to the web. This is in case your web server becomes compromised the passwords file won’t be easily accessible.
sudo mkdir /etc/apache2/passwd
Create your password FILE
* We need to generate a password file.
sudo htdigest -c /etc/apache2/passwd/passwords MythTV MYTHUSER
It will then ask you to enter a password and then to confirm that password by entering the same password again. This will create a file called “passwords” in the /etc/apache2/passwd/ directory. The “-c” option “creates” the file. It will add the user “MYTHUSER” to the realm (more on that later) “MythTV”. All you need to do is change “MYTHUSER” to a username you want to use.
DO NOT use the same password that you use for your login username or the root user.
Add users to password file
*
If you want to add another user then run the same command above except DO NOT use the “-c” option. As explained above the “-c” option “creates” the file and will overwrite any existing files. Say you want to add “MYTHUSER2″… you would enter
sudo htdigest /etc/apache2/passwd/passwords MythTV MYTHUSER2
Grant Permissions to the new passwords file
*
sudo chown www-data /etc/apache2/passwd/passwords
sudo chgrp www-data /etc/apache2/passwd/passwords
sudo chmod 640 /etc/apache2/passwd/passwords
The first command changes the owner to “www-data”. This is the user that apache runs on in Ubuntu. The second command changes the group of the passwords file to “www-data”. This is the group that Apache runs on in Ubuntu. The third command limits access to the file. It gives read and write access to the user www-data and it gives read access to the group www-data. The world (or everyone else) will not have read, write or execute permissions to that file.
Edit Apache Config
*
sudo nano /etc/apache2/apache2.conf
Add the following to the bottom of that file.
Options Indexes FollowSymLinks
AuthType Digest
AuthName “MythTV”
AuthUserFile /etc/apache2/passwd/passwords
Require valid-user
Order allow,deny
Allow from 192.168.1.
Satisfy any
*
NOTE: You can substitute nano with gedit. If you are running Ubuntu with a desktop use gedit. If you want to use nano a few hints. Ctrl+o will save the file and Ctrl+x will close the file.
I believe the default Directory for mythweb is /var/www/mythweb. If mythweb is stored somewhere else on your machine you will have to update the first line. As you can see the AuthType is set to Digest which tells Apache that we used htdigest to generate the passwords. AuthName is the realm. Remember we had MythTV in our htdigest command. That was the specify the realm which is the AuthName. AuthUserFile points to our passwords file that we generated using htdigest. Allow from 192.168.1. will allow anyone to connect that has a IP address matching to 192.168.1. This would be anything from 192.168.1.1 through 192.168.1.255. So, if your internal network is different, say, 172.20.1.9 you would change it to Allow from 172.20. This would allow anyone with a IP address between 172.20.0.1 through 172.20.255.255 to connect without authenticating.