Configure Basic Authentication in Apache using .htaccess

To setup basic authentication in Apache first create a .htaccess file in your website root folder or in specific directory and add following code:

AuthType Basic
AuthName "Secure Content"
AuthUserFile /home/myuser/public_html/.htpasswd
require valid-user

Now we create users in .htpasswd as defined in .htaccess file. We can add user and password either in plain text or md5 encrypted.

Adding password in plain text format

htpasswd -c /home/username/public_html/.htpasswd  username

Adding password with md5 crypt format

htpasswd -cm /home/username/public_html/.htpasswd  username

Configure Apache to allow .htaccess Authentication

By standard Apache doesn’t allow to use of .htaccess, So we also need to upgrade below settings in our httpd.conf to allow .htaccess based authentication.

AllowOverride none

AllowOverride AuthConfig

AuthConfig will allow only authentication in .htaccess, other setting will be ignored. To allow all setting defined in .htaccess file use “All” in place of AuthConfig”.

Restart Apache to test Setup

After making any changes in Apache configuration file , we need to restart Apache web service.

service httpd restart