Differences

This shows you the differences between two versions of the page.

--- computing:accounts:web_publishing:acl [2007/06/11 12:17] – rubin
+++ computing:accounts:web_publishing:acl [Unknown date] (current) – removed - external edit (Unknown date) 127.0.0.1
@@ Line 1: / Line 1: @@
-<box 30% right right-clear red|Web Publishing Information>
-{{indexmenu>:computing:accounts:web_publishing}}
-</box>
-====== Controlling Access to Web Pages ======
-===== By username and password =====
-These steps really have to be performed from the Unix command line. Please also note that preparing files in a non-unix text editor (Windows or particularly Mac) may not work as expected due to the different line break characters used.
-. Create a file named .htaccess in the directory you wish to protect, that looks similar to the following.
-             AuthType Basic
-             AuthUserFile /home/user1/allan/htpasswd
-             AuthGroupFile /home/user1/allan/htgroup
-             AuthName Private
-             <Limit GET POST>
-             require group private
-             order allow,deny
-             allow from all
-             </Limit>
-<note>
-NOTE: Make sure your htpasswd and htgroup files are outside of the public-html directory, so they can't be downloaded using the web server. In this example, the home directory is /home/user1/allan, and we put the password and group files here as they will be inaccessible via the web.
-</note>
-. Create your htpasswd file using the htpasswd command, in the directory you specified above in .htaccess. Note, the htpasswd command is only available on our main servers (physics.umn.edu), not on individual linux workstations.
-            htpasswd -c passwd_file user_name
-eg,
-            htpasswd -c /home/user1/allan/htpasswd username1
-The above command both creates the password file and adds the first user name to it. You should be prompted for a password for the user. You can add further users to the password file using the same command but without the -c switch.
-. Create your htgroup file (using a text editor). It should look something like:
-             private:username1 username2
-<note>
-NOTE: The group name "private" needs to match the specified group name in the .htaccess file in the "require group private" line.
-</note>
-===== By domain name =====
-It's also possible to restrict access according to the clients location. For example, you could restrict a directory to be accessed only from within .umn.edu using a .htaccess file like this:
-       <Limit GET POST>
-       order deny,allow
-       deny from all
-       allow from .umn.edu
-       </Limit>
-You can also restrict access to our department only, but you have to list all the domain names in use here (e.g., hep.umn.edu, space.umn.edu, astro.umn.edu, etc). Note that restricting access in this way doesn't give full security, as it's possible to spoof the domain name... although for most purposes it should be fine.
-If you're working on your pages locally, it may be difficult to test your access rules, to make sure they are working! One way you can do a partial test is to give your protected URL to a web validation service (for example, the [[http://validator.w3.org/|W3C validator]]). If the access control is working, the validator will report not being able to check the page.

User Tools

Differences

Page Tools