cd to the directory you want protected
pico .htaccess
Insert the following lines in the new file:
AuthUserFile /Users/username/.htpasswd
AuthGroupFile /dev/null
AuthName ByPassword
AuthType Basic
require user username
Notice that the first line references a file outside the web server’s structure.
You could also add group restrictions, but in this case, I’m just protecting for users (“username” in the sample). Obviously, replace this with the real user name you’d like to use. You can also limit the users to actions other than GET, ie POST or PUT for cgi-bin files. Just add them (with a space between) to the “Limit GET” line.
Next, you need to create a password for username in the location you specified. The htpasswd program will do this for you:
htpasswd -c /Users/username/.htpasswd username
You will be prompted to enter the password twice.
The last thing you need to do is to edit the user’s Apache config file.
Each user has their own “includes” files here:
/private/etc/httpd/users
The file is in the format of “username.conf”
Edit the line that says “AllowOverride None” to read:
AllowOverride AuthConfig
This change MAY also need to be made in the root Apache config at /private/etc/httpd/…
Save your changes, and restart your webserver. The easiest way to do this:
apachectl restart
