Password-protect access to an application with Apache

Before running the commands shown on this page, you should load the Bitnami stack environment by executing the installdir/use_APPNAME script (Linux and MacOS) or by clicking the shortcut in the Start Menu under “Start -> Bitnami APPNAME Stack -> Application console” (Windows). On OS X VMs, the installation directory is /opt/bitnami and OS X VM users can click the “Open Terminal” button to run commands. Learn more about the Bitnami stack environment and about OS X VMs.

To configure Apache to request a username and password when accessing your application, follow these steps:

  • At the console, type the following commands. Remember to replace APPNAME, USERNAME and PASSWORD with your application name, desired username and desired password respectively.

    $ cd installdir
    $ apache2/bin/htpasswd -cb apache2/APPNAME_users USERNAME PASSWORD
  • Edit the installdir/apps/APPNAME/conf/httpd-app.conf file and add the following lines. You also need to comment the Require all granted line as shown below:

    <Directory "installdir/apps/APPNAME/htdocs">
        AuthType Basic
        AuthName MyAuthName
        AuthUserFile "installdir/apache2/APPNAME_users"
        Require valid-user
      <IfVersion >= 2.3>
      # Require all granted
  • Restart the Apache server:

    $ sudo installdir/ restart apache

When accessing the application, you will see the following authentication popup window. Enter the username and password that you have defined in the first step:

Authentication required

To change the password later, run the htpasswd utility without the -c switch:

$ sudo installdir/apache2/bin/htpasswd installdir/apache2/APPNAME_users USERNAME
Last modification September 5, 2018