|
|
|
|
Web Page Access Control
Basics
The Gifford Internet Web server provides the means by which you can specify
who should be allowed to access your Web pages. You can
permit or deny access to a set of pages in a directory (or folder) based on
a host name,
a domain name, an IP address or a user name and password combination.
The information below will show you how to control access to your pages
and provide you with an example.
Before serving a document, the Web server will check to see whether the
user is allowed to access the document. It does this as follows:-
- Determines whether access control has been enabled. This will be true
if the directory contains a file called
.htaccess. If access
control has not been enabled, then the document is served.
- If access control is enabled, the server checks the contents of the
file .htaccess
to determine whether to allow or deny access.
Access will allowed if the details of the requesting host match the
details specified in
.htaccess.
- The access control file,
.htaccess,
may also indicate that user
authentication is required. If this is the case, then the Web server
will instruct the browser to request a username and password combination
from the user. If the browser is 'authentication capable', it will
display a dialogue box via which the user can enter the details. When
the Web server receives the details, it will verify them against the
information held in the document owner's password file. If the details
are correct, access is permitted, otherwise, access is denied.
Examples
1. Permitting access only to computers in the Gifford Internet domain
2. Permitting access only to named individuals
- Create a sub-directory (under your public_html directory) which will
contain the documents to be protected. This can be done using your
FTP tool.
- Create a file on your computer containing the following:-
AuthUserFile /var/www/pass/...username...
AuthGroupFile /dev/null
AuthName Access Control
AuthType Basic
<Limit GET>
order deny,allow
require user fred,barney
</Limit>
Note: The characters "...username..." must be replaced by your login name.
- Upload this file to the newly created directory and change its name to
.htaccess
- Upload the documents to be protected into the newly created directory.
- Telnet to the Web server www.gifford.co.uk and set your default working
directory to be the newly created sub-directory.
- You will now need to create the password file and add user passwords.
The password file will be created when you add the first password.
When you add subsequent passwords, it will only be updated. Therefore,
to add the first password which allows fred to access the pages,
issue the following unix command and reply to the prompts:-
htpasswd -c /var/www/pass/...username... fred
And to add a subsequent password which allows barney to access
your pages, issue the following unix command and reply to the prompts:-
htpasswd /var/www/pass/...username... barney
Note the use of the -c flag when the password file is first
created. Also, note that the characters "...username..." must be
replaced by your login name.
Notes
- Each account holder is allowed 1 password file.
- The name of your password file must be the same as your login name. Password
files which are not correctly named will be deleted!!!
- If you permit access to your pages based on domain name(s), computer
name(s) or IP address(s), you must inform those that are permitted access
that they will not be able to look at your pages via a Web-cache unless you
include the Web-cache in the list of computers which are allowed access.
- If you have any problems trying to use this facility, then send email
describing the problems to
support@gifford.co.uk.
|
|
