Htaccess is a file that allows users access to a number of Apache webserver runtime directives and configuration. Its most common use is to provide access control or authentication for webpages. We have two ways for you two password protect your pages:

  • The easy way with ONID/CAS (available for use in personal homepages, class directories, and group web directories)
  • The standard way using .htaccess plus a password file

The Easy Way

If you would like to password protect your ENGR public_html website or website subdirectory with ONID/CAS, it couldn't be simpler. Just create a file called ".htaccess" (without the quotes) and put it in the root of your public_html folder or any subfolder of that directory.

Authtype CAS
require user onidusername

Replace "onidusername" with the actual username you want to have access to this directory - you can add as many users as you like on the same line seperating them with a space. No linebreaks or return characters!

If you would simply like to restrict the site or directory to _anyone_ with an OSU login, put the following in lines in your .htaccess file:

Authtype CAS
require valid-user

The file needs to be world readable, with Linux/UNIX permissions of 644 (-rw-r--r--). This can be acheived most easily and reliably from the command line during a terminal/ssh session by executing the following:

chmod 644 .htaccess

The above assumes you have created and saved the file, and it is in the same directory that you are executing the command from.

Standard Method

The standard setup for basic authentication uses two plain text files: .htaccess and a password file usually named ".htpasswd" both of which must be readable by the server process. This is typically achieved by making the files "world-readable" (but not writeable!).  The following example shows the contents of an .htaccess file that would work on our webserver - provided that you replace [username] with your own ONID username (no brackets). The .htaccess file should be saved into your public_html folder, or whatever subdirectory you want to protect.

AuthType Basic 
AuthName "restricted area" 
AuthUserFile /nfs/stak/users/[username]/.htpasswd 
require valid-user

The .htpasswd content can be generated via command line, but it is easier for most to use an online htpasswd generator such as https://www.web2generators.com/apache-tools/htpasswd-generator copy and paste the results into a plain text file and save as ".htpasswd" at the root of your network home directory.

To create and add users to a password file via command line, run the following command replacing the [username] in the path shown below with your own username, and "bennybeaver" with whatever you would like the login name to be:

htpasswd -c /nfs/stak/users/[username]/public_html/.htpasswd bennybeaver