Managing .htaccess
Can anyone recommend a good web/php front end for managing .htaccess and .htapasswd files? I would be willing to pay a licence fee.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the replies. Have you any experience of these programs. I have already seen them in searches I have done. I'm looking to recommendations.
There are a number of these .htaccess and .htpasswd generators online that are very handy to use, but you need to know what it is you are making, and where to put the files. Here is a nice one I have used before: http://www.htaccesseditor.com/en.shtml#a_basic
That link takes you to the Basic Access .htaccess and .htpasswd page. But what is it exactly that you are making? And what do you do with it once you have made it? Here's what I do. I am presuming you want to restrict access to a folder on your website so that the visitor has to put in a username and a password in order to see what is inside the folder. First, inside the folder you wish to protect, create a file named htaccess, WITHOUT the dot in front of it! Then create a file named htpasswd, also without the dot in front of it. The reason for doing this is because once you put the dot in front of the name of the file, that file becomes a hidden file, and some ftp programs don't allow you to see these files. So you want to be able to put some code in these files, before you put the dot in front of the name.
So, go to the Basic Authentication at the website url I pasted earlier, and the first thing you are going to do is prepare your htpasswd. For instance, I put in admin for the username, and secret for the password. The form then filled in this: admin:6ge9bh2S2rdNQ This is what you copy and paste into the htpasswd file you made on your website. Then the form asks you for the path to your .htpasswd file. This has to be the FULL PATH. Usually, in your FTP program you can see the full path to the directory where your .htpasswd file is going to be kept. You can put it anywhere you wish. Once you put in the full path, this generator creates all the code that has to go into your htaccess file. I just did it and I'm pasting it in here:
<Files ~ "^\.(htaccess|htpasswd)$">
deny from all
</Files>
AuthUserFile /home/yourdomain/yourfolde
AuthGroupFile /dev/null
AuthName "Please enter your ID and password"
AuthType Basic
require valid-user
order deny,allow
Yours will be different, but it will look like this. Paste all of this code into your htaccess file.
Now you have pasted in all the right stuff to both your htaccess file and your htpasswd file. Once you are done, change the name of htaccess to .htaccess That is, put a dot in front of the name htaccess. Do the same for htpasswd. Change the name of htpasswd to .htpasswd Depending on your ftp program settings, these files might disappear from view (because of the dot) but don't worry, they are there. Then, with a web browser, go to the folder you just protected and you should see a little box pop up that asks you for your user/pass.
That link takes you to the Basic Access .htaccess and .htpasswd page. But what is it exactly that you are making? And what do you do with it once you have made it? Here's what I do. I am presuming you want to restrict access to a folder on your website so that the visitor has to put in a username and a password in order to see what is inside the folder. First, inside the folder you wish to protect, create a file named htaccess, WITHOUT the dot in front of it! Then create a file named htpasswd, also without the dot in front of it. The reason for doing this is because once you put the dot in front of the name of the file, that file becomes a hidden file, and some ftp programs don't allow you to see these files. So you want to be able to put some code in these files, before you put the dot in front of the name.
So, go to the Basic Authentication at the website url I pasted earlier, and the first thing you are going to do is prepare your htpasswd. For instance, I put in admin for the username, and secret for the password. The form then filled in this: admin:6ge9bh2S2rdNQ This is what you copy and paste into the htpasswd file you made on your website. Then the form asks you for the path to your .htpasswd file. This has to be the FULL PATH. Usually, in your FTP program you can see the full path to the directory where your .htpasswd file is going to be kept. You can put it anywhere you wish. Once you put in the full path, this generator creates all the code that has to go into your htaccess file. I just did it and I'm pasting it in here:
<Files ~ "^\.(htaccess|htpasswd)$">
deny from all
</Files>
AuthUserFile /home/yourdomain/yourfolde
AuthGroupFile /dev/null
AuthName "Please enter your ID and password"
AuthType Basic
require valid-user
order deny,allow
Yours will be different, but it will look like this. Paste all of this code into your htaccess file.
Now you have pasted in all the right stuff to both your htaccess file and your htpasswd file. Once you are done, change the name of htaccess to .htaccess That is, put a dot in front of the name htaccess. Do the same for htpasswd. Change the name of htpasswd to .htpasswd Depending on your ftp program settings, these files might disappear from view (because of the dot) but don't worry, they are there. Then, with a web browser, go to the folder you just protected and you should see a little box pop up that asks you for your user/pass.
ASKER
PeggyOCO thanks for the info. I am in fact after a web interface to give to users so they can manage their access without generating the .htaccess and .htpasswd files manually. I agree there are a number of solutions around hence me seeking recommendations in the hope that I can shorten the list of candidates to check out.
Oh, I see. I misunderstood the question then. Sounds to me like you need a program to run on your server that will allow your users to create their .htaccess and .htpasswd files without them having to ftp anything up or do anything other than just fill out a form. The program would have to write the files and put them in the right place. Are you using php on your webserver?
ASKER
Yes PHP
I just uploaded a zip file (above).This is a highly rated class from phpclasses.org which contains the methods for managing htaccess files. A php program could be written fairly easily using this class.
Here's another possiblity. WebMin is a very good open source control panel. Along with it you get Usermin. Usermin allows the users to manage their stuff -- among the things they can manage is htaccess files. I've supplied Usermin for some clients and the response was good. Usermin is pretty easy to use. Webmin, for the administrator, is more complex, however, more powerful than CPanel.
ASKER
Thanks for the suggestions. Webmin is definitely out as it is too complex. I merely need a way to manage .htaccess files. As I said I am looking for a front end. I could code but wanted to know if anyone had experience of any of the offerings online.
Directorypass is easy to install and easy to use. It is definitely valuable for quickly adding protection to a directory and managing users by directory.
Although it is highly reviewed on the net and well thought of by sysadmins, it is a perl cgi script, and some people have an aversion to that. If that isn't a deal-breaker for you, though, it couldn't hurt to give it a try.
Although it is highly reviewed on the net and well thought of by sysadmins, it is a perl cgi script, and some people have an aversion to that. If that isn't a deal-breaker for you, though, it couldn't hurt to give it a try.
ASKER
I was unable to get online this morning to update this question due the maintaneace on EEX. In the absence of recommendations I decided on a product called htprotector on Sourceforge. I did in fact look at DirectoryPass too. Nothing against Perl but it turns out it is awkward to set up if you want to protect the program itself with basic authentication as some severs are configured not to allow .htaccess in the cgi-bin folder..
ASKER
My request was for recommendations
http://www.directorypass.com/