Computer Tips -Tech Info

Okay, in an earlier article I was looking at uses of Google that might reveal things you don’t want revealed about your website. Maybe a test directory that you don’t want to be spidered. I want to say that it’s not possible to keep it hidden just by NOT linking to it. That’s what some will suggest, the argument goes along these lines “spiders just follow links, so don’t link to a directory or document you don’t want the web spiders to see.” Spidering bots seem to be a bit more resourceful though, I’ve seen files and folders that I can’t imagine were linked to being picked up in a web search, so how do we prevent that?

For that matter what about the people that might get lucky and guess our testing directory? There’s one answer that can solve both of these problems. It’s done using the .htaccess file.

You’re going to probably need to log into the command shell on your webserver unless your host has a control panel to deal with this. Password protect directories is what we’re going to do.

You need to create a file in the directory that you want to protect, let’s say it’s yourdomain.com/test and the path is /var/www/html/test
AuthUserFile /var/www/html/test/.htpasswd
AuthName protectedtest
AuthType Basic

Ok, this is good save and close, make sure that it is called .htaccess (a period in front of htaccess)

Then make sure you’re in the directory to be protected…

type the following to create the .htpasswd file and setup the first user

htpasswd -c .htpasswd testfolderuser

future users can be added by the following

htpasswd .htpasswd secondtestuser

After each of the above commands you will be prompted for a password for the user and then prompted to confirm it and everything should be set. There are some warnings to go along with this. Don’t put your .htpasswd file in a folder that can be viewed without permission. It’s USUALLY advisable to put it outside of the web-tree somewhere. If you do that, make sure to 1) specify the absolute path in the .htaccess file so .htaccess can find your password list. and 2) when running htpasswd, make sure to specify the absolute path to the .htpasswd file you are changing.

It is possible to have multiple password protected directories using either the same file of usernames and passwords, or a different set of usernames and passwords by using a different filename.

Popularity: 1% [?]

   Send article as PDF   

• The junk that you will find in web access logs If you have a website, you likely will look at your logs from time to time to see just who or how many people are visiting your site. I've certainly looked at a lot of logfiles both for my site and for others and thought I'd pass along some things......
• Windows Run as to let a legacy program run in XP limited user mode Several months back I had to figure out a way to get Create a card gold (5.0?) run on an XP system. The only real problem was that I had setup the account with limited user privileges (shared machine, several users, all with limited account priviliges.) But, somehow the program......
• Site hosting tons of email addresses A little over a year ago I was doing a web search for my email address (something that's worth doing from time to time.) I ran across my name in a text file hosted at a domain called..... http://www.freestuffengine.com/ There is a different site active at that domain now (although......

• Old Post Promoter "You down with OPP, yeah you know me!" The OPP, or Old Post Promoter, is a plugin designed for Wordpress by the Blog Traffic Exchange. The primary function of the plugin is its capability to promote older blog posts by reviving them and returning them to the front page and......
• Real-estate Hosting - Don't Overpay! Recently, I d been using WordTracker.com to see which "real estate property website" phrases get searched quite often through Google, Yahoo and similar major search engines. It surprised me that the phrase "property web hosting" and also the longer "real-estate internet page hosting" were two of the most commonly searched......
• BounceWeb Premium Green and FFmpeg Web Hosting document.write(''); Looking for FFMPEG Hosting? FFmpeg web hosting or FFmpeg Hosting is hosting made for media streaming and video sharing. FFmpeg converts different types of videos to the .flv video format to stream the video online on your FFmpeg hosted web site. BounceWeb's FFmpeg web hosting allows you to......

Similar Posts

• Using .htaccess to ALLOW directory browsing
• Having multiple domains direct to one web site
• Saving you from yourself or specifying which index file to use with apache
• Backing up and restoring MySQL databases
• Google roundup…. 55 ways to have fun, ipv6 and schoolkids Social Security Numbers….

This entry was posted on Thursday, July 28th, 2005 at 2:17 pm and is filed under Computers, Security, Web Hosting. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.