.htpasswd

Drupal Logo

Setting Up Basic Authentication On A Drupal Site Without .htaccess

14th July 2015 - 6 minutes read time

Basic HTTP authentication is a simple authentication mechanism that is used to prevent access to a site or directory on a server. It is by no means the most secure authentication mechanism but it is commonly used on staging sites in order to prevent unwanted access. This is a good way of preventing search engine bots from spidering the staging site, which is undesirable as it can cause staging site pages appearing in search engines results.

The usual route to set this up is to create a .htaccess that sets up the authentication and references a .htpasswd file to create the username and password details. This can mean editing the .htaccess file in order to setup the password correctly. Unfortunately, this creates a .htaccess file that shouldn't be added to the repository as it would mean that the live site would also be password protected when the code is deployed.

Apache HTTP Logo

Turning Off Apache Basic Authentication For A Single Directory

11th September 2013 - 4 minutes read time

When setting up staging sites or similar I often add a simple Apache authentication check in order to stop everyone from viewing the site. This is also useful in stopping search engine spiders from accessing a site with testing content on it, which generally causes trouble. It isn't amazingly secure, but it keeps almost everyone out.

Apache HTTP Logo

Installing SVN With Web Access Through Apache On Ubuntu

1st April 2009 - 6 minutes read time

Getting started with SVN on Ubuntu takes only a few minutes, and enabling web access to the repository is also very straightforward.

First (in order to actually serve the files) you need to install Apache, open up a terminal window and run the following command. This will ensure that Apache is installed if you unselected it for some reason during the install.


sudo apt-get install apache2

Note the use of the sudo command. This will run the command you give it as a super user as normal users will not generally have access to install software like this. When you use sudo you will be prompted for the super user password. Next, use the following command to install SVN.

Apache HTTP Logo

Setting Up LDAP With Active Directory On Apache

21st January 2008 - 5 minutes read time

Using a simple .htpasswd to password protect a directory or website is fine if you only have a few users, and they don't change very much. However, this quickly becomes impossible to maintain if you have lots of users. For example, if you wanted to secure access to the company Intranet you might spend quite some time trying to update your .htpasswd file. The best way to do this is to transfer all of the user administration over to an LDAP server and then get Apache to communicate with this directly. The Active Directory (AD) system that Microsoft uses allows LDAP communications, and as this is in use across many company networks it is an ideal candidate to use.

You first need to set of the LDAP modules on your Apache server. Uncomment or add the following lines in your http.conf file. You will need to make sure that the files actually exist as well.