Topic: selective access to Web pages with password

Goal:

people who want to access your web page secret.html should enter username/password (given to them by you)

Implementation:

1. define a new directory under ~/public_html/secure:
   Example:
   boaz % mkdir -p public_html/secure/protected

   Here is "protected" the directory in which you will put you web page which should have retricted access.

2. generate there a file ".htaccess" with a content as in the following example:
   boaz % cat >/home/ballisti/public_html/secure/protected/.htaccess
   Order Allow,Deny
   Allow from 129.132.20.0/24
   Allow from 129.132.3.0/24
   Allow from 129.132.67.0/24
   Allow from 129.132.2.192/24
   AuthName "access database"
   AuthType Basic
   AuthUserFile /home/ballisti/.htpasswd-one
   Require user ballisti
   Satisfy all

   Notice:

   • you can leave out the line with "Allow from".
     Their give you the possibility to allow access only to machines from the given subnetwork.
   • the name ".htpasswd-one" can be changed as you like.
     As default usually ".htpasswords" is used, but if you have different user groups you can use a file for each group.

3. Generate a pair 'user_name password' with the command "htpasswd":

   WARNING:

   use "-c" only the first time you generate a password file or if you want to reset it.
   See "man htpasswd".

   
   boaz % htpasswd -c /home/ballisti/.htpasswd-one ballisti
   New password:
   Re-type new password:
   Adding password for user ballisti

   To add more users leave out the parameter "-c". Example:
   boaz % htpasswd /home/ballisti/.htpasswd-one jballisti
    
   boaz % cat .htpasswd-one
   ballisti:wOhGP5gTU0Ubw
   jballisti:JPbBhagMbGBvA

4. Build your HTML code in the subdirectory ~/public_html/secure/protected
   Let suppose you did create a "secret.html" file there.
   P.S.: It is a good rule to have an "index.html" file in each directory for security reasons. So you could for instance make a soft link.
   Example:
   boaz % cd ~/public_html/secure/protected
   boaz % ln -s secret.html index.html

5. Use the URL:

   https://www.ifh.ee.ethz.ch/~your_user_name/protected/secret.html

   and you will be asked to enter User name and Password for access.