I am now studying the security part of web development.
The book I am reading now tells me that I need to set some security process in order to protect files in a particular folder and I think it's a good idea.
The thing is the book doesn't teach me how to set that process.
If I have an admin folder under the root folder, then how can I make the admin folder ask for a username and password when it is asked to show its content? Please teach me the commands for it!
image: http://ecsite2.yongsookim.com/images/qu.png
PS: I am using PHP on CentOS 6.5 and should use commands.
As long as you are using Apache, you can use an .htaccess file, placed within the directory you are trying to secure.
There are a few steps, so I will try to go through and briefly explain each:
You need to make sure that either AllowOverride or AuthConfig are enabled in your httpd.conf file, normally found in the apache2 or httpd directory in /etc folder on your server.
Create a password file outside of the web-accessible directory. You could place it in your Apache folder. Here is an example: htpasswd -c /etc/apache2/.htpasswd yourusername
Of course, set yourusername to whatever username you like. It will then prompt you to enter a password, and then verify.
Use your favorite text editor to create and edit the .htaccess file. I use nano, so your first command would be nano .htaccess (make sure you are already in the directory).
AuthType Basic
AuthName "My Secured Folder - Authorized Access Only"
AuthUserFile /etc/apache2/.htpasswd
Require user yourusername
Save the file and exit.
You may need to restart Apache, but that's about all there is to it. Now whenever you try to point your browser to that folder, you will be prompted just as in your screenshot example for a username and password.
There are many resources on the web that most likely do a more thorough job at explaining how and what other options you have aside from a single user. You can even have it require a normal Linux user, or many users. You can also assign groups of users. Take a look at these pages for a more in-depth answer:
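A way to check the finished setup from the shell, added here as an example and not part of the answer above: the script audits a protected folder for the four directives, confirms the password file sits outside the web-accessible tree and is not world-readable, and confirms the required user has an entry. The function names `directive_value` and `check_htaccess` and the paths passed to them are assumptions for illustration.

```shell
# Added example (hypothetical helper names): audit a Basic-auth .htaccess.
# Usage: check_htaccess <protected_dir> <document_root>
# Returns 0 if the setup looks sound, 1 otherwise; problems are printed.

# Print a directive's arguments (name matched case-insensitively, quotes stripped).
directive_value() {  # $1 = file, $2 = directive name
    awk -v d="$2" 'tolower($1) == tolower(d) {
        $1 = ""; sub(/^[ \t]+/, ""); gsub(/"/, ""); print; exit }' "$1"
}

check_htaccess() {
    dir=$1 docroot=$2 rc=0
    f="$dir/.htaccess"
    [ -f "$f" ] || { echo "missing: $f"; return 1; }

    # All four directives from the answer must be present.
    for d in AuthType AuthName AuthUserFile Require; do
        [ -n "$(directive_value "$f" "$d")" ] || { echo "missing directive: $d"; rc=1; }
    done

    pw=$(directive_value "$f" AuthUserFile)
    [ -n "$pw" ] || return 1
    [ -f "$pw" ] || { echo "password file not found: $pw"; return 1; }

    # The password file must live outside the web-accessible tree.
    real_pw=$(cd "$(dirname "$pw")" && pwd -P)/$(basename "$pw")
    real_root=$(cd "$docroot" && pwd -P)
    case "$real_pw" in
        "$real_root"/*) echo "password file is inside the document root: $real_pw"; rc=1 ;;
    esac

    # Password hashes should not be readable by every local account.
    if [ -n "$(find "$pw" -perm -004)" ]; then
        echo "password file is world-readable: $pw"; rc=1
    fi

    # "Require user X" only admits X if X has an entry in the password file.
    set -- $(directive_value "$f" Require)
    if [ "$1" = user ]; then
        shift
        for u in "$@"; do
            grep -q "^$u:" "$pw" || { echo "no entry for user: $u"; rc=1; }
        done
    fi
    return $rc
}
```

Run it as, for example, `check_htaccess /var/www/html/admin /var/www/html` (constructed paths); the Apache user still needs read access to the password file, for instance through group ownership with mode 640.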