Cakephp Password Protection with htaccess and htpasswd - howto?
Asked Answered
P

2

7

How can I password protect my website during development with htaccess in Cakephp?

  • which htaccess file do I have to change?
  • what do I have to write in the htaccess
  • where do I put the .htpasswd?

I searched google for that but couldn't find anything useful, I hope you could help me!


Thanks Till that helped me solve the problem!

For CakePHP-Users: - Modify the .htaccess in /app/webroot/ - add something like that at the beginning of the .htaccess-file:

AuthName "Restricted Area" 
AuthType Basic 
AuthUserFile /complete/path/to/.htpasswd
AuthGroupFile /dev/null 
require valid-user

Now create the .htpasswd-File in /app/webroot/ and drop something like this in:

admin:PASSWORD

The "PASSWORD" is a transformed version of your real password, I created it with this tool: http://tools.dynamicdrive.com/password/

I think there are much more ways to create this, but for me it worked and maybe this helps other cakephp users too.

Pepsin answered 14/4, 2009 at 11:11 Comment(0)
L
9

You probably have a .htaccess in your document root, so you would add to this file since it's the first so to speak -- if you want to protect the entire website. Otherwise add a .htaccess file in the directory you wish to protect.

Then, check out this howto: http://httpd.apache.org/docs/2.2/howto/auth.html

In a nutshell, this is what you add:

AuthType Basic
AuthName "dev"
AuthUserFile /complete/path/to/.htpasswd
Require valid-user

The command to add users is:

htpasswd -c /complete/path/to/.htpasswd yourusername

Make sure you read the above howto anyway!

Luminary answered 14/4, 2009 at 11:33 Comment(2)
This doesn't work for me. It causes a 500 internal server error.Wholesome
But that's because I didn't create the passwd file first.Wholesome
T
0

http://snook.ca/archives/servers/password_protect_admin/

The first link has information on using .htaccess security from within cake apps. The comments include a >hackish< workaround on how to do this for only the admin routes.

Trustless answered 27/8, 2009 at 23:20 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.