Apache documentation on .htaccess
Apache documentation on auth.html
to create a new password file:
# htpasswd -c /var/www/passwd/passwords rbowen New password: mypassword Re-type new password: mypassword Adding password for user rbowen
to append to existing password file:
# htpasswd /var/www/passwd/passwords rbowen New password: mypassword Re-type new password: mypassword Adding password for user rbowen
To allow access to just specific directories, block access the the root level. The .htacess file in the document root should look like this:
# Refuse direct access to all files Order deny,allow Deny from all Allow from 127.0.0.1 Allow from localhost Allow from 192.168.1.0/24
Then create an .htaccess file in whatever directories you want to allow access to:
Allow from all
Use password protection but allow from IP address
Example:
AuthUserFile /path/to/.htpasswd AuthName "Restricted Access" AuthType Basic require user [username] satisfy any deny from all allow from 192.168.1. allow from 10.1.1.45 allow from 172.16.5.106