Apache Access Control Lab
Create 3 directories under your public_html directory:
sales, marketing and engineering
We want to allow salespeople to have access to the /sales documents, engineers
to have access to engineering info, and everyone in the company will have
access to marketing. Our company's domain will be .merrimack.edu
Now change back to your home directory:
Now lets create a password file for our users. In your home directory create
a passwd file:
htpasswd -c passwd.txt homer
This adds user larry to the passwd.txt file and creates a password.
The password file contains a list of users and their encrypted passwords.
The users in this file can be given specific access to derectories you
chose. You can have as many different password files as you want,
but it's generally a good idea to only have one. These user names
can then be added to groups. Groups allow you to easily allow or
deny access based on members of a group.
Now add bart and lisa and marge to the file. You don't need to
use the "-c" option once the password file is created:
htpasswd passwd.txt lisa
Now create a group file called groups.txt in your home
directory it should contain some lines simillar to:
Make sure the password and group files are readable by issuing a chmod
command on each of them:
marketing: bart lisa
chmod 644 passwd.txt
chmod 644 groups.txt
Now let's restrict access to the sales directory by creating a .htaccess
file in the sales directory.
The .htaccess file should contain lines simillar to the following:
AuthName "Sales Info"
require group sales
To restrict access to the other two directories you'll need to create
simillar .htaccess files.
If you get stuck, read about the directives in the apache documentation
(require, allow, deny might be useful)