In a rather lengthy email message, a reader writes to me that:
I am following your book Creating Cool Web Sites with HTML, XHTML and CSS and am trying to protect a subdirectory on my website. The following is the .htaccess code
AuthUserFile /www.bvg.us/uswholesale/uspasswords/passwords.txt AuthGroupFile /dev/null AuthName "Please enter your login name and password" AuthType Basic <Limit GET> require user weiyang require user annawei </Limit>The “passwords.txt” reads
user weiyang:wy user annawei:awBy doing so, I can get the “log in” box but can not login with the info that I set. Could you help me on this?
Thanks for writing and your excellent detailed question. You have everything correct except you’ve missed one important step: the passwords in the htpasswd file (which you’re calling “password.txt”) need to be encrypted.
The easiest way to generate the encrypted passwords is to use ssh (or telnet if you must) to connect to the server, then type the command htpasswd passwords.txt acct for each of the accounts you want to create. The program prompts you for the desired password, encrypts it, and then adds the appropriate line to the password file automatically.
If you don’t have the htpasswd command available, you can download a copy of the program from my Wicked Cool Shell Scripts book Web site, portably written in Perl.
Once you’ve done that, your password file should look more like this:
admin:VKJ994JdmWHxA tintin:gjpumwPY/bRv2 banana:9NPJc88Ky9AWQ barney:rAuOt0D7IChF. joe:4o19P5g5hlPZU
Hope that gets you up and running!
Anyone know how to do this without using a username? Like just have it ask for a password?
thanks
dn