2

I have a website (http://mywebsite.com.) for a client, and I would like to create some subdomains like (http://trac.mywebsite.com). I would like to create a password protection for this subdomain, that would be called only for the first time someone entered in http://trac.mywebsite.com: for example, if (http://trac.mywebsite.com/source) is entered, no password is asked.

I know apache is capable of handling users and passwords, but could it be a solution to this feature Im looking for?

Thanks in advance!

chmeee
  • 7,270
  • 3
  • 29
  • 43
Somebody still uses you MS-DOS
  • 285
  • 4
  • 13

3 Answers3

3

Warner's links are exactly what you need. Though they should be your comprehensive reference they might be a little dry for an introduction to the concept of mod_auth_*. Try googling for "apache htpasswd" or something similar. Here is a decent tutorial to get you started:

http://www.cyberciti.biz/faq/howto-setup-apache-password-protect-directory-with-htaccess-file/

Note: Works the same for subdomains as it does for subdirectories.

CarpeNoctem
  • 2,397
  • 4
  • 23
  • 32
  • Thanks for the info. Does a password prompt appears every time I hit a subdomain I "protected" with a password? Is it possible to configure this? – Somebody still uses you MS-DOS Feb 28 '10 at 05:31
  • Generally it will be the first time hitting that particular "realm", or protected area, in a session. After that, the browser will reuse the existing credentials without prompting the user for them each time. – fission Feb 28 '10 at 06:23
2

One caution in using the http:// access method and Apache Basic Authentication is that the passwords are sent without encryption. Thus if you using a shared network, this information could be captured.

If you are a little more cautions, you could use https::// where the communication (including the password exchange) would be encrypted between the user and the server.

mdpc
  • 11,698
  • 28
  • 51
  • 65
0

For Apache 1.3:

http://httpd.apache.org/docs/1.3/howto/auth.html

For Apache 2.0:

http://httpd.apache.org/docs/2.0/howto/auth.html

Warner
  • 23,440
  • 2
  • 57
  • 69