How to configure basic authentication in Apache httpd virtual hosts?

authentication apache-2.2 httpd mercurial http-authentication

You should place this inside a Location directive:

<VirtualHost *:8080>

<Location /> #the / has to be there, otherwise Apache startup fails
            Deny from all
            #Allow from (You may set IP here / to access without password)
            AuthUserFile /usr/local/etc/httpd/users
            AuthName authorization
            AuthType Basic
            Satisfy Any # (or all, if IPs specified and require IP + pass)
                        # any means neither ip nor pass
            require valid-user
</Location>
...
</VirtualHost>

I am running Apache2 on ubuntu 10.04 — same problem and thanks for the solution. I found that I had to put the configuration in /etc/apache2/apache2.conf

You can generate the username and password using htpasswd. New file:

$ htpasswd -c /srv/auth/.htpasswd squire

To append to existing file:

$ htpasswd -b /srv/auth/.htpasswd squire2 tickleme2

You can protect a Location or a Directory. For a Directory add something like:

<Directory /some/dir/cgi-bin/>
    Options +ExecCGI
    AddHandler cgi-script .cgi
    AuthType Basic
    AuthName 'Private scripts'
    AuthUserFile '/some/other/dir/.htpasswd'
    Require valid-user
</Directory>

You can also add Deny and Allow directives for a finer control.

Related

nice sudo or sudo nice?
Run a shell script as a different user
Ansible: copy template only when destination file does not exist
EPEL Repo for CentOS 6 causing error
What is the difference between a 'Login' and an 'Interactive' bash shell
Isn't Ctrl-Alt-Delete on Linux *really* dangerous?
Headless Ubuntu server machine sometimes stuck at GRUB menu
Where are the logs for ufw located on Ubuntu Server?
Straight forward way to run ssh-agent and ssh-add on login via SSH?
logrotate daily and size?
What does mdev mean in ping(8)?
Which OS is running in my Docker container?