Your Virtual Private Server Apache Web Server supports user authentication. In other words, it allows you to create password protected directories on your Virtual Private Server web site. Let's say you want to restrict access to the following directory to those with a valid username and password.



You can configure password authentication by connecting to your server via Telnet or SSH and following the steps below.

  1. Create a file named .htaccess in your ~/www/htdocs/billy directory that restricts access to the directory. In our example, we will allow one user (William) to access the directory. The .htaccess file must reside in the directory it will be controlling, so we must put it in the ~/www/htdocs/billy directory.

    You can either create the .htaccess file while connected to your server (using a file editor like pico, for example) or you can create the file on your own PC and Upload it to your Virtual Private Server. The file should contain the following text:

    AuthUserFile /etc/.htpasswd
    AuthGroupFile /dev/null
    AuthName "Bill's Restaurant"
    AuthType Basic
    <Limit GET>
    require user William
  2. Use the htpasswd command to set a password for the new user.

    Substitute your Virtual Private Server login name for LOGIN-NAME below.

    % htpasswd -c /usr/home/LOGIN-NAME/etc/.htpasswd William

    You are free to use a different name or directory location for the password file. Just change the /usr/home/LOGIN-NAME/etc/.htpasswd above to whatever you want.

    The -c flag indicates that you are adding a user to the /etc/.htpasswd for the first time. When you add more users and passwords to the same password file, the -c flag is not necessary.

    % htpasswd /usr/home/LOGIN-NAME/etc/.htpasswd peanuts
    % htpasswd /usr/home/LOGIN-NAME/etc/.htpasswd almonds 
    % htpasswd /usr/home/LOGIN-NAME/etc/.htpasswd walnuts

More Information
The best place to learn about user authentication is from the source (NCSA)

NOTE: You should be aware of one subtle difference with the Virtual Private Server system. When you set up your .htaccess files, you specify the AuthUserFile or AuthGroupFile with respect to your home directory. However, when you set up your .htpasswd files with the htpasswd command you need to prepend /usr/home/LOGIN-NAME to the directory specification.

Please note: the information on this page applies to ITS web hosting plans. It may or may not apply to other environments. If you are looking for a feature described here, or better support from your hosting provider, please consider hosting your site with ITS!

1555 N Naperville/Wheaton Road, Suite 107
Naperville, IL 60563
phone 630.420.2550
fax 630.420.2771