Password protection for your HDA setup pages
From Amahi
| Can be deleted |
|---|---|
| this article has been replaced by Amahi 5 |
THIS PAGE IS NO LONGER VERY RELEVANT - AMAHI HAS PASSWORD PROTECTION AS OF AMAHI 5 RELEASE.
It may apply to other pages/apps.
This guide describes how to password protect your HDA setup pages via HTTP authentication.
Adding the following two files to /var/hda/platform/html/public will add password protection access to your http://hda website.
.htaccess .htpasswd
Note that this is only basic protection, as http authentication is not encrypted.
Steps to password protection
1.- Start by creating the .htaccess file in some folder you can write. It should contain this:
| Text |
|---|
| AuthUserFile /var/hda/platform/html/public/.htpasswd AuthGroupFile /dev/null |
2.- Then you need to create a .htpasswd file containing the users and passwords
- you can go to a public htaccess/htpasswd generator and copy the contents of what the "And this is what your .htpasswd file should look like..." box has
- or you can use the htpasswd command (first time with -c, subsequent times without the -c), like this
| bash code |
|---|
| htpasswd -c .htpasswd USERNAME1 htpasswd .htpasswd USERNAME2 |
The file should contain one line per user like this: USERNAME:3Ce3F4zRcVf42
3.- Both files should be owned by apache:apache and have 600 permissions, so:
a. copy .htaccess and .htpasswd over to /var/hda/platform/html/public/ as root using the cp command in terminal, then:
b. enter the following commands:
| bash code |
|---|
| chmod 600 /var/hda/platform/html/public/.ht* chown apache:apache /var/hda/platform/html/public/.ht* |
If you want users to still be able to access http://hda without a password, but require one to CHANGE settings, change <Limit GET POST> to <Limit POST>. They can see everything under the setup pages, but will be asked for a username and password to commit changes. (Warning: annoying)
