Beefy Boxes and Bandwidth Generously Provided by pair Networks vroom
laziness, impatience, and hubris
 
PerlMonks  

Comment on

( #3333=superdoc: print w/ replies, xml ) Need Help??

As Dogma has alluded to, .htaccess can be problematic when dealing with many users and a lot of usage. Besides what has already been pointed out here, .htaccess also has a problem with repeated verification. Once a user enters a directory containing a .htaccess file, the browser is called upon to provide user name and password for each page requested. The user is only asked once, but the browser, behind the scenes, is having to authenticate with each page requested. This slows things down a bit and could be a real drain on the system with a large number of users.

A good alternative to .htaccess is to modify the Apache configuration file. In RedHat Linux 7.0 it's /etc/httpd/conf/httpd.conf. Check the man pages for httpd on your system, if different. The advantage is that when you enter the protected directory, authentication is conducted only once and not repeated with each page retrieved. This option may not be available, though, if you're renting space on someone else's server.

Assuming you do have access to httpd.conf, here's a sample of text you would include in the configuration file:

<Directory "/var/www/html/intranet">
Options Indexes Includes FollowSymLinks
AllowOverride
AuthType Basic
AuthName staff
AuthUserFile /var/www/users/staff
AuthGroupFile /var/www/users/groups
Satisfy any
require valid-user
require group staff
Order deny,allow
Order allow,deny
Allow from 10.1.71.0/24
Deny from all
</Directory>

A directive like this needs to be put in the correct, general location in the httpd.conf file. Just search for <Directory for the example and place it in that area.

You'll notice that I specify the directory protected in the openning tag (with no trailing slash). I also specify where to find the user file (staff) which contains the user names and their encrypted passwords.

Read the man pages on htpasswd, obviously. But, basically, you create the user file in the directory you want and your first user by typing the following command at the command prompt:

    htpasswd -c staff bob

You'll be prompted to enter the user's password in twice. To add more users to this "staff" file, type:

    htpasswd staff ted

One last comment about my sample configuration: I'm protecting an intranet section of my web site for employees to use from home or work. If they're outside the office, I want them to be authenticated so I can be sure of who it is that's coming in. However, if they're inside my local network, I don't want them to have to worry about authenticating. So I've added the line "Allow from 10.1.71.0/24" where my network subnet is 10.1.71.x.


In reply to Re: cgi and https (mildly off topic) by Spenser
in thread cgi and https (mildly off topic) by coolmichael

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":



  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • Outside of code tags, you may need to use entities for some characters:
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.
  • Log In?
    Username:
    Password:

    What's my password?
    Create A New User
    Chatterbox?
    and the web crawler heard nothing...

    How do I use this? | Other CB clients
    Other Users?
    Others avoiding work at the Monastery: (8)
    As of 2014-04-16 05:16 GMT
    Sections?
    Information?
    Find Nodes?
    Leftovers?
      Voting Booth?

      April first is:







      Results (414 votes), past polls