How do I Password Protect Subdomain Directories?

[cYon]

Is there a way to password protect subdomain directories via plesk. I also tried with .htaccess and .htpasswd but that didn't seem to work either. Just kept telling me invalid password even though I know it was correct. Any help is appreciated.

 

[CBiLL]

htaccess and htpasswd is the only way to do it as far I know for subdomain or cgi-bin folders .. and it works for me so you must have missed something or edited the htaccess incorrectly ..

Try again and be sure to double check it over ..

Bill

 

[cYon]

CBill - Could you show me an example of your .htaccess and .htpasswd files?

 

[CBiLL]

AuthName "Protected Folder"
AuthType Basic
AuthUserFile /home/httpd/vhosts/yourdomain.com/subdomains/yoursubdomain/httpdocs/.htpasswd
Require valid-user



Then you create a password for each user by ssh'ing into your server then cd to your folder where you are going to keep all the .htpasswd at and type this ..

htpasswd -c .htpasswd username

It will prompt you to set a password and create a file in that folder called .htpasswd with the username and encrpyted password for it ..

You don't have to have the .htpasswd in the same folder and you can put it outside of your domain root doc for an extra security .

Bill

 

[cYon]

that worked perfect thanks Bill

 

[mantenimiento]

CBiLL

I think that this is just what I need, but I don´t know what is ssh'ing into my server. I'm sorry I'm a newbie.

Can you tell me how can I ssh'ing into my server?

Thanks a lot

 

[adc124]

I have double and triple checked my .htaccess and .htpasswd but they WILL NOT WORK with plesk installed on the server?!?!?

Can anyone help? Is there a way I can turn it back on?

 

[ShadowMan@]

If you can protect a directory (any dir) from the Plesk control panel, then mod_auth and/or mod_access is functioning properly.

Please check/test this first, not on a subdomain, but on a main domain directory.

If this is working, then there is nothing to 'turn it back on' since this test will show if the required apache modules are functioning.

 

[adc124]

Yes I can protect other directories via plesk.

I have also now managed to protect a directory in the subdomain by creating a protected directory in the main site httpdocs folder via plesk, and placing a .htaccess file in the subdomain pointing to the htpassword file created by plesk as suggested on another thread.

However, for the life of me I cannot get my own .htaccess and .htpasswd files to function, and it's not that I'm new to this technology, I've been doing it for years!

 

[ShadowMan@]

Originally posted by adc124
Yes I can protect other directories via plesk.

I have also now managed to protect a directory in the subdomain by creating a protected directory in the main site httpdocs folder via plesk, and placing a .htaccess file in the subdomain pointing to the htpassword file created by plesk as suggested on another thread.

However, for the life of me I cannot get my own .htaccess and .htpasswd files to function, and it's not that I'm new to this technology, I've been doing it for years!

Ok, then since Apache's modules are working, then what about comparing the ownership of the Plesk created files to yours?

On other non-Plesk systems, Apache normally runs as it's own user and ownership of files is less of a problem, but on Plesk, directory and file ownership (both UID and GID) can be tricky.

 

[BigRon]

I had the same problem, error_log file had lot's of messages like 'user ronald not found: /' and I was absolutely sure that 'ronald' was in the .htaccess file.

The problem on my box was solved by using /usr/local/psa/admin/bin/htpasswd to create the .htpassword file instead of just 'htpasswd'.

Don't ask me why this works because it looks like both versions of htpasswd generate about the same .htpasswd file.

So: /usr/local/psa/admin/bin/htpasswd -c .htpasswd ronald works for me. Hope it is of any help.

 

[wuetscher]

How to protect subdomain diectory

It's possible to do this with Plesk.

How to:

Create a new physical hosting: subdomain.domain.tld.
but dont check the www-box (left beside the domain input box).

Now you can easy protect your /.

The subdomain now is a domain

The only disadvantage is that you must create a 2nd ftp account for this domain (you can't use the ftp login off your www.domain.tld)

That's it.

Kind regards from Germany
Christian

 

[adc124]

Of course!

I keep forgetting it's possible to set up subdomains like that. Thanks.

 

[marcamos]

Thought I'd link to an article that explains how I did this very thing: http://marcamos.com/password-protect-a-subdomain-with-plesk/

 

[femotvaff]

This logic is still working in plesk 12 (thank you cBill)

edit or create .htaccess IN THE ROOT of the SUBDOMAIN

insert this code inside:

#################################

AuthName "Protected Folder"
AuthType Basic

#this is the path where you will create the file with password
AuthUserFile /home/httpd/vhosts/yourdomain.com/subdomains/yoursubdomain/httpdocs/.htpasswd

# or
# AuthUserFile /var/www/vhosts/yourdomain.com/subdomains/yoursubdomain/httpdocs/.htpasswd

Require valid-user

################################

Then you create a password for each user from shell SSH in this way:
access with root, go inside the directory where you will create the password file, ex

cd /home/httpd/vhosts/yourdomain.com/subdomains/yoursubdomain/httpdocs/

(check if you are inside!)
than edit on the shell:

htpasswd -c .htpasswd usernamexy

It will prompt you to set a password and create a file in that folder called .htpasswd with the username chosen and encrpyted password for it ..
(your credential are i this case "usernamexy" and the password you inserted)

You don't have to have the .htpasswd in the same folder and you can put it outside of your domain root doc for an extra security .