WIP!
Most of this site is incomplete, and the current state is available as an open draft. Most of the text here is likely incomplete, misinformed, or just plain wrong. I'm looking for feedback on my website, so that I can:
- Fill in what I'm missing
- Take out what's unnecessary
- Figure out my target audience
- Find the right way to structure the site
- Filter out any errors
To anyone who wants to send me feedback, thank you, and shoot me an email!
Some websites may only be intended for a limited audience. Httpd provides the ability to protect parts of a website by authenticating users against a managed credentials file.
Create the htpasswd file
Httpd needs to know which users to authenticate. The htpasswd utility creates and updates auth files containing lists of usernames and password hashes.
Create a new htpasswd file:
$ doas htpasswd /var/www/users.htpasswd USER
htpasswd will interactively prompt for a password, and then insert a user record into the (new) file. If the file already exists, and there is already a record with a matching username, the record is replaced.
Httpd needs to be able to access this file. Change the file’s owner to the www daemon user,
and limit access to that user only:
$ doas chown www /var/www/users.htpasswd
$ doas chmod 600 /var/www/users.htpasswd
Configure Httpd
The simplest way is to enable the feature within a server directive in /etc/httpd.conf:
server "www.example.org" {
…
authenticate with "users.htpasswd"
}
Reload the daemon to apply the changes:
$ doas rcctl reload httpd
And that’s it!