Setting Up Password-Protected Directories

  1. Create an htpasswd file in your home directory on the server
  2. Create an .htaccess file in your course folder on the server
  3. Testing HTAccess password protection

If you want to restrict access to one of your web directories on a Unix server, the simplest way to do it is to create a .htaccess file in that directory.

Note: in what follows you will create an htaccess-username and an htaccess-password. (These are not your DuckID-username and DuckID-password that you use to log in to Blackboard.)

A. Create an htpasswd File on shell.uoregon.edu

  1. You will need a Terminal window on your computer that is connected to shell.uoregon.edu. You can do this by using SSH (Windows) or the ssh command in a Terminal window (OS X).

    When you connect to shell.uoregon.edu you will be in your home directory on the server (example: /home2/susieQ/).

    Do not move to your public_html directory. If you create a passwd file in your public_html directory it will be accessible on the web, not a good idea.

  2. At the command line in the shell window, enter the Unix htpasswd command:

    htpasswd -c htpasswd 111

    Explanation:

    htpasswd: the name of the Unix command
    -c: the 'create file' switch. Omit if you are adding a password to an existing htpasswd file.
    htpasswd: the name of the password file that is being created (or added to)
    111: This is the HTaccess user-name. Replace 111 with the number of the course you are in, e.g., 110, 111, 122, etc.

    • The -c switch creates the file htpasswd if it does not exist. If the file does exist, the -c switch first deletes the existing file and then creates a new one. To remember this, think "-c stands for create file".

    • If you have already used this command to create an htpasswd file in another CIS class then omit the -c switch.

  3. When prompted, enter and verify an htaccess-password. Use digits 4 through 6 of your UO ID (i.e., your UO 95#).

    The characters you type on the keyboard will not be echoed, for security, so it appears that nothing is happening (but it is).

    It is important to get this right, because your instructor and GTF will use these digits to access your project directory.
    Example:
    If your UO ID is: 950-62-4321
    The 4th - 6th digits are: 624

    Example:
    If your UO ID is: 951-89-6291
    The 4th - 6th digits are: 896

    The command creates a file named htpasswd in your Unix home directory; the file stores HTAccess usernames and HTAccess passwords.

    You can add entries to this file later by using same command but this time omitting the -c switch: htpasswd htpasswd 110

B. Create an .htaccess file in your course folder on the server

  1. Start a text editor on your computer and create a file named .htaccess (the filename starts with a dot).

  2. Paste the following five lines into the .htaccess file. Replace /home4/susieQ with the path to your home directory; replace 111 with your course number (110, 111, 115, 281, 382, ...)

    AuthUserFile /home7/susieQ/htpasswd
    AuthGroupFile /dev/null
    AuthName "CIS 111"
    AuthType Basic
    require user 111

  3. Upload the .htaccess file to your course folder on the server (110, 111, 115, 281, 382, ...)

C. Test your Course Folder on the Server for Password Protection

Now you can go to your web browser and see if your .htaccess file works.
  1. Enter the URL for your course folder on the server uoregon.edu.

    Example: URL for SusieQ's 110 folder:
    http://www.uoregon.edu/~susieQ/110/            

    Example: URL for Jacque Bonhomme's 111 folder:
    http://www.uoregon.edu/~jbonhomme/111/        

    Your browser will prompt you to enter the htaccess-username and htaccess-password.

  2. Enter the username and password that you set up in the first part of this exercise (username: 111, password: digits 4-5-6 of your student id #.) and click OK.

    If you are successful, you will see a directory listing for your course folder on the server.