How To Generate and Configure Htpasswd For Apache?


Security measures such as authentication are needed to protect web content. HTTP servers like Apache or Nginx support HTTP Basic Authentication, an authentication protocol provided by the web server itself. We can use the htpasswd tool to create the HTTP Basic Authentication database and its users. That said, application-level authentication is a better solution.

Install htpasswd Tool

htpasswd is provided by the apache2-utils package on Ubuntu, Debian, Mint and Kali. We can install it with the following command.

$ sudo apt install apache2-utils

Install Htpasswd Tool For Fedora, CentOS, RHEL

RPM-based distributions like Fedora, CentOS and RHEL name Apache httpd, so there we install htpasswd with the following command.

$ sudo yum install httpd-tools

Create Htpasswd Database and User

We will create a user password database with the -c option, providing the database file name and the user name; htpasswd then prompts for the password. In this example, we will create a database named .htpasswd with the user ismail.

$ htpasswd -c .htpasswd ismail

List htpasswd Users

We can list the existing users by printing the database file with the cat command, because our file named .htpasswd is just a text file in which the passwords are stored in hashed form. The database file is located in the current directory, where the htpasswd command was executed.

$ cat .htpasswd

The database file content has two columns delimited by a colon (:). The first column contains the user name, which is ismail, ahmet, ali in this case, and the second column stores the hashed password.
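The two-column format described above can be checked mechanically. The following Python script is an added example, not part of the original tutorial: it parses htpasswd content and reports which hash scheme each entry uses, based on the prefixes Apache documents for its password formats. The function names, verdict labels and sample entries are assumptions made for this illustration.

```python
import base64
import hashlib
import re

# Prefix -> (scheme, verdict). The verdict labels are this example's own.
SCHEMES = [
    ("$2y$", "bcrypt", "ok"),
    ("$apr1$", "apr1-md5", "legacy"),
    ("{SHA}", "sha1-unsalted", "insecure"),
]

def classify(hash_field):
    """Return (scheme, verdict) for the second column of an htpasswd line."""
    for prefix, scheme, verdict in SCHEMES:
        if hash_field.startswith(prefix):
            return scheme, verdict
    # Traditional crypt(3) output is exactly 13 characters from this alphabet.
    if re.fullmatch(r"[./0-9A-Za-z]{13}", hash_field):
        return "des-crypt", "insecure"
    return "unknown-or-plaintext", "insecure"

def audit(text):
    """Parse htpasswd content into (line, user, scheme, verdict) tuples."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):  # skip blank and comment lines
            continue
        user, sep, hash_field = line.partition(":")
        if not (sep and user and hash_field):
            findings.append((lineno, None, "malformed", "error"))
            continue
        findings.append((lineno, user) + classify(hash_field))
    return findings

# Constructed sample: user names from the tutorial; the bcrypt and apr1 bodies
# are filler, the {SHA} entry is the real SHA-1 of the string "example".
SAMPLE = "\n".join([
    "# constructed sample",
    "ismail:$2y$05$" + "A" * 53,
    "ahmet:$apr1$abcdefgh$" + "B" * 22,
    "ali:{SHA}" + base64.b64encode(hashlib.sha1(b"example").digest()).decode(),
    "line-without-colon",
])

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding)
```

Entries reported as legacy or insecure can be re-created with htpasswd -B, which stores a bcrypt hash.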


Change Existing User Password

To change an existing user's password, we provide the user name again, just like when creating the user, but without the -c option. htpasswd will ask us for the user's password again. In this example, we will change the password of ismail.

$ htpasswd .htpasswd ismail

As we can see from the output, we have successfully updated the password of ismail.

Remove User From htpasswd File

If we want to prevent a user from accessing the site, we should remove that user from our database. We will use the -D option and specify the user name we want to remove. In this example, we will remove the user named ali.

$ htpasswd -D .htpasswd ali

Configure Authentication For Apache

Up to now, we have learned how to manage user databases. In this part, we will look at how to configure Apache for basic authentication. The following configuration goes into the main Apache configuration or into a site configuration such as a virtual host.

<VirtualHost *:80>
   ServerAdmin webmaster@localhost
   DocumentRoot /var/www/html
   <Directory "/var/www/html">
      AuthType Basic
      AuthName "Restricted Content"
      AuthUserFile /etc/apache2/.htpasswd
      Require valid-user
   </Directory>
</VirtualHost>

  • In this configuration, we assume that our database file is located at /etc/apache2/.htpasswd
  • This authentication will be applied to the directory /var/www/html

For the configuration to take effect, we should restart the Apache2 server after saving the configuration.

Check HTTP Basic Authentication

If we try to browse the web page, we will get a prompt asking for a username and password, which will be checked against our database file.
