[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 366
  • Last Modified:

.htaccess on IIS?


I have a bunch of PHP websites that are currently hosted on a Linux server that I am trying to "migrate" to a Windows server. Many of the websites make use of .htaccess and .htpasswd to protect folders.

Is there any way I can make this work on IIS - or do I have to re-do all of them?
3 Solutions
IIS does not evaluate a .htaccess file. Guess you have o redo all of them. If you change php-setings via .htaccess, see http://www.php.net/manual/en/configuration.changes.php#configuration.changes.windows
If you want to set PHP options then, in certain combos of IIS and PHP (although i forget which), placing a php.ini file in each directory that you would have had a .htaccess and settings the dir specific values there will work.

For htpasswd emulation on IIS you can either muck around creating system user accounts or go check out the freeware

psimationAuthor Commented:

the main "feature" I want to have work is the directory password feature of .htaccess and .htpasswd

I already stumbled apon the troxo crowd, I sent that link to my ISP to ask them if they would be willing to install it on their servers.

Do you have any experience with that? Will it "just work" or will there still be "tweaking" involved?
ah well in that case unless you have RDP access It will probably require your isp to set the password options for each directory for you which may be a pain.

Another option, which again involves your ISP getting involved, is to ask them to install some form of mod_rewrite for IIS, there are several in existance and I can't recommend any in particular.
Using that you could rewrite any access to the directory in question to change




Then in index.php do something along the lines of tgis bit of psuedo code

$_SESSION['filename'] = $_GET['file'];
if($_POST['username'] or $_SESSION['validuser']){
      authenticate the username and password
     add session vars to remember they've authenticated for a while to save them loging in again
   check if there is a filename in the session
    send correct MIME header for the file type
    Open the file and send it byte by byte
} else {
    display login form which posts back to this script
Use ISAPI Rewrite for IIS
you can find it from http://www.isapirewrite.com

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now