Empowering your business

Authentication-htaccess file

Definition of Authentication:

Authentication is any process by which a system verifies the identity of a user who wishes to access it.

What is .htaccess file?

As the name suggests htaccess means Hypertext access file. It is a directory-level configuration file supported by the web servers. htaccess file is used in Apache web server software.

How to create .htaccess file?

AddType x-mapp-php5 .php

AddHandler x-mapp-php5 .php

Note:

AddType-it maps the given filename extensions on to the specified content type(MIME type,language,encoding or character set).

Syntax: AddType media-type extension [extension]…

Example: AddType image/gif .gif .GIF

AddHandler-it handles the file types.

Syntax: SetHandler handle

Example: SetHandler cgi-script

Error documents in .htaccess file:

You can create your own custom error documents or pages,for example,if the url on your website does not work then this will avoid the ‘404 file not found error’ and allows you to display a friendly error.

Syntax: ErrorDocument 404/error_pages/404.html

Example: http://www.yourdomain.com/error_pages/404.html

  • this example tells the apache web server to display the document located at error_pages/404.html whenever a 404(file not found) error occurs.
  • 404.html->error document is created.
  • error_pages->it is a directory where the 404.html is placed under your domain.

Redirecting URL’s in .htaccess file:

Enables us to direct web site visitors from one document within your web site to another.

Syntax: Redirect /old_dir/ http://www.yourdomain.com/new_dir/index.html

It tells the apache web server that if a visitor requests a documents located in the ‘old_dir’,then it will display the document ‘index.html’ located in the ‘new_dir’.The url is located in old_dir.We have to request a document located in old_dir to new_dir in index.html.

old_dir: http://www.yourdomain.com/old_dir/

this means the location of the file that the visitor is to be redirected to is a full website URL and not relative URL.

Now,the main difference between absolute URL and relative URL is that an absolute URL contains more information than the relative URL does while the relative URL is more convinent than absolute URL because they are shorter and offen more portable.

.htpasswrd file:

This file is used to store login details.This files are used when the password protecting a website or a directory using HTTP authentication and Apache’s htaccess files.The htpasswd file contains username in plain text (unencrypted) and a hashed (encrypted) password.You can not see the actual passwords as they are hashed (encrypted) using a complex algorithm.On Windows the passwords are hashed using MD5, and on Linux its based on a system function called “crypt()”.

Example:

andreas:$apr1$dHjB0/..$mkTTbqwpK/0h/rz4ZeN8M0
john:$apr1$IHaD0/..$N9ne/Bqnh8.MyOtvKU56j1

This is an encrypted password written in crypt().

.htpasswd generator is used to store entries in the .htpasswd file.htpasswd generator creates password that are hashed using md5 algorithm..htaccess Authentication generator creates htaccess file that will protect your site or directory.To create htpasswrd file we have to write the code which are as follows:

AuthUserFile /usr/local/username/safedirectory/.htpasswd

AuthGroupFile /dev/null

AuthName “Please Enter Password“

AuthType Basic

Require valid-user

AuthUserFile: This line designates the server path to the .htpasswd file.

AuthGroupFile: This line can be used to convey the location of the .htgroup. As we have not created such a file, we can leave /dev/null in place.

AuthName: This is text that will be displayed at the password prompt. You can put anything here.

AuthType: This refers to the type of authentication that will be used to the check the passwords. The passwords are checked via HTTP and the keyword Basic should not be changed.

Require valid-user: This line represents one of two possibilities. “Require valid-user” tells the .htaccess file that there are several people who should be able to log into the password protected area. The other option is to use the phrase “require user username” to indicate the specific permitted person.

Example of htaccess file for images: For securing our images we use htaccess file so that it will give protection to our images using password. The images will not be disclosed and used by others.The users having rights will only access the images.

Subscribe

Stay updated with our newsletter, we occasionally do write about technology, open source and best practices.
Don't worry, we will never share your details and won't spam you either.