Washington University in St. Louis

apache Server Password Configuration

There are five steps that must be done to configure the apache server to use passwords:

  1. Change the server configuration to use the .htaccess file. To do this change the last line of the following: #
    # This controls which options the .htaccess files in directories can
    # override. Can also be "All", or any combination of "Options", "FileInfo",
    # "AuthConfig", and "Limit"
    #
    AllowOverride None
     to read
    AllowOverride AuthConfig

  2. In the same configuration file, change the cgi-bin configuration from:
    #
    # "/usr/local/apache/cgi-bin" should be changed to whatever your ScriptAliased
    # CGI directory exists, if you have that configured.
    #
    <Directory "/usr/local/apache/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
    </Directory>
     to
    #
    # "/usr/local/apache/cgi-bin" should be changed to whatever your ScriptAliased
    # CGI directory exists, if you have that configured.
    #
    <Directory "/usr/local/apache/cgi-bin">
    AllowOverride AuthConfig
    Options None
    Order allow,deny
    Allow from all
    </Directory>
     where the only change was on the 'AllowOverride' command and this example assumes the cgi-bin directory is in its standard location.

  3. Add a file named .htaccess to the cgi-bin directory. This file should contain AuthName "Job Submission"
    AuthType Basic
    AuthUserFile /usr/local/apache/users

    <LIMIT GET POST PUT>
    require valid-user
    </LIMIT>

  4. Create a file named /usr/local/apache directory/users containing the names and passwords of the various users. This file is created using the program /usr/local/apache/bin/htpasswd as follows:
    1. From /usr/local/apache issue:
      ./bin/htpasswd -c users name
      to create the user password file, where name is the name of the user and the flag -c tells the program to create the file named user.
    2. Issue:
      ./bin/htpasswd users name
      for each additional user name you wish to add.

  5. Restart the server.


This site is being maintained by:
Larry Bretthorst
Dept. Of Chemistry and Radiology
Washington University
St. Louis MO 63130

Phone: 314 362-9994