Creating a Web Page Directory with restricted access

Creating a Web Page Directory with Restricted Access

Connect to your web page with FTP and Telnet.
Create the new directory for restricted access in the WWW directory.
In Telnet, at the WWW prompt enter chmod 755 yournewdirectoryname to change the permissions for the new directory.
Create a file named .htaccess in the new directory.
(You may do this with a Unix editor such as Pico or you may create it in Notepad and FTP it into the new directory.)
The file should contain the following (you may cut and paste this into your file and replace the appropriate parts as explained below):

AuthUserFile path to password file
AuthGroupFile /dev/null
AuthName ByPassword
AuthType Basic
<Limit GET POST PUT>
require user private
</Limit>

TheAuthUserFile line is the filepath and name of the password file which you will soon be creating.
The path should be listed in the FTP program and will look something like this: /N/fs5/yourusername/Steel/
Add to this a file name for your passwords.
For Example: Begin the filename with a period, followed by the name of the new directory, followed by -passwd.
The whole line might look like this:
AuthUserFile /N/fs5/yourusername/Steel/.private-passwd

Leave the AuthGroupFile set to "/dev/null"

The AuthName line is a name that will show up in the login prompt for the new directory

Leave AuthType line set to "Basic"

Leave "<Limit GET POST PUT>" the way it is

The "require user" line contains the usernames allowed to access the directory separated by spaces.

Leave "</Limit>" the way it is

So it will look like this

AuthUserFile /fs/accountname/.filenameforpassword
AuthGroupFile /dev/null
AuthName "prompt text"
AuthType Basic
<Limit GET POST PUT>
require user joesmith
</Limit>

Save this to .htaccess and copy to your restricted access folder
on the website set the file properties to 644

In Telnet From WITHIN the restricted access folder enter the following at the command line:
htpasswd -c ~/.private-passwd username
htpasswd is a program that creates the password file.
-c   tells the htpasswd program to create a new file rather than use an existing one.
~/.private-passwd   is the name of the new password file. It should be created in the directory above the WWW folder so only you have access to it.
username   is the name for a user that you wish to have access to this directory.
When htpasswd is run, it will ask for a password for the username, it will encrypt the password and save it to the file name listed.
Once the password file is created you must change access permission to it with the following line:
chmod 644 .private-passwd         Note: This can also be done with SFTP by right clicking on the password file, choosing properties and entering 644 as the permission mode
Finally, in Telnet, type Spinweb -R

Test the new directory. If a login window appears when you try to access it and the newly created username and password allow you in then your should be ready to go. If not check to be sure all of the file names are correct and that no steps in the above list were missed. You might also wish to try accessing the directory with the wrong username just to be sure you cannot get in.

More complete instructions are located at: Creating a Web Page Directory with restricted access