1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice

How do I Password Protect Subdomain Directories?

Discussion in 'Plesk for Linux - 8.x and Older' started by cYon, Feb 2, 2005.

  1. cYon

    cYon Guest

    0
     
    Is there a way to password protect subdomain directories via plesk. I also tried with .htaccess and .htpasswd but that didn't seem to work either. Just kept telling me invalid password even though I know it was correct. Any help is appreciated.
     
  2. CBiLL

    CBiLL Guest

    0
     
    htaccess and htpasswd is the only way to do it as far I know for subdomain or cgi-bin folders .. and it works for me so you must have missed something or edited the htaccess incorrectly ..

    Try again and be sure to double check it over ..

    Bill
     
  3. cYon

    cYon Guest

    0
     
    CBill - Could you show me an example of your .htaccess and .htpasswd files?
     
  4. CBiLL

    CBiLL Guest

    0
     
    AuthName "Protected Folder"
    AuthType Basic
    AuthUserFile /home/httpd/vhosts/yourdomain.com/subdomains/yoursubdomain/httpdocs/.htpasswd
    Require valid-user



    Then you create a password for each user by ssh'ing into your server then cd to your folder where you are going to keep all the .htpasswd at and type this ..

    htpasswd -c .htpasswd username

    It will prompt you to set a password and create a file in that folder called .htpasswd with the username and encrpyted password for it ..

    You don't have to have the .htpasswd in the same folder and you can put it outside of your domain root doc for an extra security .

    Bill
     
  5. cYon

    cYon Guest

    0
     
    that worked perfect thanks Bill
     
  6. mantenimiento

    mantenimiento Guest

    0
     
    CBiLL

    I think that this is just what I need, but I don´t know what is ssh'ing into my server. I'm sorry I'm a newbie.

    Can you tell me how can I ssh'ing into my server?

    Thanks a lot
     
  7. adc124

    adc124 Guest

    0
     
    I have double and triple checked my .htaccess and .htpasswd but they WILL NOT WORK with plesk installed on the server?!?!?

    Can anyone help? Is there a way I can turn it back on?
     
  8. ShadowMan@

    ShadowMan@ Guest

    0
     
    If you can protect a directory (any dir) from the Plesk control panel, then mod_auth and/or mod_access is functioning properly.

    Please check/test this first, not on a subdomain, but on a main domain directory.

    If this is working, then there is nothing to 'turn it back on' since this test will show if the required apache modules are functioning.
     
  9. adc124

    adc124 Guest

    0
     
    Yes I can protect other directories via plesk.

    I have also now managed to protect a directory in the subdomain by creating a protected directory in the main site httpdocs folder via plesk, and placing a .htaccess file in the subdomain pointing to the htpassword file created by plesk as suggested on another thread.

    However, for the life of me I cannot get my own .htaccess and .htpasswd files to function, and it's not that I'm new to this technology, I've been doing it for years!
     
  10. ShadowMan@

    ShadowMan@ Guest

    0
     
    Ok, then since Apache's modules are working, then what about comparing the ownership of the Plesk created files to yours?

    On other non-Plesk systems, Apache normally runs as it's own user and ownership of files is less of a problem, but on Plesk, directory and file ownership (both UID and GID) can be tricky.
     
  11. BigRon

    BigRon Guest

    0
     
    I had the same problem, error_log file had lot's of messages like 'user ronald not found: /' and I was absolutely sure that 'ronald' was in the .htaccess file.

    The problem on my box was solved by using /usr/local/psa/admin/bin/htpasswd to create the .htpassword file instead of just 'htpasswd'.

    Don't ask me why this works because it looks like both versions of htpasswd generate about the same .htpasswd file.

    So: /usr/local/psa/admin/bin/htpasswd -c .htpasswd ronald works for me. Hope it is of any help.
     
  12. wuetscher

    wuetscher Guest

    0
     
    How to protect subdomain diectory

    It's possible to do this with Plesk.

    How to:

    Create a new physical hosting: subdomain.domain.tld.
    but dont check the www-box (left beside the domain input box).

    Now you can easy protect your /.

    The subdomain now is a domain :)

    The only disadvantage is that you must create a 2nd ftp account for this domain (you can't use the ftp login off your www.domain.tld)

    That's it.

    Kind regards from Germany
    Christian
     
  13. adc124

    adc124 Guest

    0
     
    Of course!

    I keep forgetting it's possible to set up subdomains like that. Thanks.
     
  14. marcamos

    marcamos Guest

    0
     
  15. femotvaff

    femotvaff Basic Pleskian

    12
    60%
    Joined:
    Mar 22, 2014
    Messages:
    94
    Likes Received:
    0
    This logic is still working in plesk 12 (thank you cBill)

    edit or create .htaccess IN THE ROOT of the SUBDOMAIN

    insert this code inside:

    #################################

    AuthName "Protected Folder"
    AuthType Basic

    #this is the path where you will create the file with password
    AuthUserFile /home/httpd/vhosts/yourdomain.com/subdomains/yoursubdomain/httpdocs/.htpasswd

    # or
    # AuthUserFile /var/www/vhosts/yourdomain.com/subdomains/yoursubdomain/httpdocs/.htpasswd

    Require valid-user

    ################################

    Then you create a password for each user from shell SSH in this way:
    access with root, go inside the directory where you will create the password file, ex

    cd /home/httpd/vhosts/yourdomain.com/subdomains/yoursubdomain/httpdocs/

    (check if you are inside!)
    than edit on the shell:

    htpasswd -c .htpasswd usernamexy

    It will prompt you to set a password and create a file in that folder called .htpasswd with the username chosen and encrpyted password for it ..
    (your credential are i this case "usernamexy" and the password you inserted)

    You don't have to have the .htpasswd in the same folder and you can put it outside of your domain root doc for an extra security .
     
Loading...