Internet and WWW Guides

Protected Web Pages

There are several ways of restricting access to personal web pages on the Computer Science departmental web service

Internal Web Server

The simplest way to restrict access to web pages is to create a folder local_html in your home directory (H: drive) and place the web pages there. This works in exactly the same way as the public_html folder, but the pages are visible under{username}/
rather than{username}/

The www2 server is freely accessible to all machines on the local CS departmental network, but any access from outside the department will prompt for a (CS) username and password. This effectively restricts access to students and staff (and legitimate visitors/collaborators) of the Computer Science department.

Restrict to Valid Users

Pages located within the public_html folder hierarchy (i.e. on the server can be restricted to valid CS users in a similar manner, by creating a file .htaccess within the directory to be protected. This should contain the following settings:

 AuthPAM_Enabled        on
        AuthPAM_FallThrough    off
        AuthBasicAuthoritative off
        AuthName         "Computer Science Internal"
        AuthType         Basic
        require          valid-user

        Order      allow,deny
        Allow      from all

and then be made globally readable ("chmod a+r .htaccess"). Again, this will prompt for a (CS) username and password before delivering any pages in that folder. Note that any links to these files should use secure https URLs, to avoid departmental usernames and passwords being transmitted over the Internet unencrypted.

Explicit Password Protection

You can also protect a (directory of) web pages by requiring an arbitrary username and password to be supplied before the pages are delivered. This is similar to the approach above, but the .htaccess file should contain the following instead:

 AuthName         "My Restricted Pages"
        AuthType         Basic
        AuthUserFile     $HOME/.htpasswd
        require          valid-user

        Order      allow,deny
        Allow      from all

(replacing $HOME with the name of your home directory - use the Linux command "echo $HOME" to determine this).

It is then necessary to construct the file $HOME/.htpasswd. This can be done by running the Linux command
htpasswd -c $HOME/.htpasswd {user}
(where {user} is the name that people should use), and supplying the password (twice) when prompted to do so.
If you wish to support more than one username/password combination, then use the commands:

 htpasswd -c $HOME/.htpasswd  {user1}
    htpasswd    $HOME/.htpasswd  {user2}
    htpasswd    $HOME/.htpasswd  {user3}

Note that the .htpasswd can be located anywhere within your personal filestore (and the file can have any convenient name) but it should NOT be stored anywhere within the public_html tree.