Sometimes we need to protect our development/ staging site from indexing of search engines or anonymous visits. Also we should protect from directory browsing i.e. we don't want to list down all files we've stored. In this case we should take help of Apache by configuring httaccess file.
To configure this we do these two simple steps.
1. Creating and placing the credentials data in a file.
Here i've created a file named "htaccess-password-file"
Content inside "htaccess-password-file" is
-----------------------
nirmalya:$apr1$4vPpAb1l$jSHCl/KEuZCgeiHPoWxyz.
-----------------------
File "htaccess-password-file"is containing username along with encrypted password by seperated with ":".
2. Configuring htaccess for htaccess-password-file
At the top of the .htaccess file we'll place these following lines below -
-----------------------
AuthType Basic
AuthName "Restricted Access"
AuthUserFile /srv/typo3/htdocs/htaccess-password-file
Require user nirmalya
-----------------------
We need to change value for "AuthUserFile" as required. This is the absolute path to file "htaccess-password-file" and "Require user" to username.
* This site http://www.htaccesstools.com/htpasswd-generator/ is useful to generate encrypted password.
To stop directory browsing we need to use these following code inside htaccess.
------------------------------
# Apache < 2.3
<IfModule !mod_authz_core.c>
Order allow,deny
Deny from all
Satisfy All
</IfModule>
# Apache รข‰¥ 2.3
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
----------------------------
No comments:
Post a Comment