Password-Protect a Web Page Using TerpConnect


The method described in this document is best if the people you want to access your web page have TerpConnect accounts. If they do not, you will need to use the alternate, less secure method. 

To password protect a web page, it must be located in a password-protected directory. To create a password-protected directory, use the following steps:

  1. Change into your pub directory: cd ~/../pub
  2. Create a directory for your password protected web page: mkdir private

    : You can use whatever directory name you like; we have used the name private.

  3. Change the AFS permissions on the directory that you created with the commands:
    fs sa private/ system:anyuser none system:httpd read
    • This will give the web server read permissions and remove the world read permissions that your pub directory has by default.
  4. Change into the directory you just created: cd private
  5. Create a text file called .htaccess containing the following (you might type pico .htaccess to begin creating the file):
    • UseUMDKrbAuth on
    • UseUMDHesiodAuth on
    • AuthType Basic
    • require user username

      : Replace username with the TerpConnect username of the person you want to give access to. If you used Pico to create the file, save it using control-O, press return, and then use control-X to exit. If you want to allow multiple users to access the page, put additional require user username lines in the .htaccess file, one for each username.

That's it! Now, just put the web page you'd like to protect into the private directory. To access the page, point your web browser to:

Where filename.html is the name of your password-protected web page, and yourusername is your TerpConnect login ID. Note that this URL begins with https rather than http.

You should see a small window pop up, asking you for the username and password. Type in the username and password, and you'll be able to access the web page.