Password-protect access to an application with Apache
NOTE: The Approach A sections referred to below do not apply to Bitnami native installers. Users of Bitnami native installers should refer only to the Approach B sections.
To configure Apache to request a username and password when accessing your application, follow these steps:
Approach A: Bitnami installations using system packages
-
At the console, type the following commands. Remember to replace APPNAME, USERNAME and PASSWORD with the application name (for example, wordpress), and desired username and password, respectively.
$ sudo installdir/apache2/bin/htpasswd -cb installdir/apache2/APPNAME_users USERNAME PASSWORD -
Edit the installdir/apache2/conf/vhosts/APPNAME-vhost.conf file to add the following lines:
<VirtualHost 127.0.0.1:443 _default_:443> ... <Directory "installdir/APPNAME"> ... AuthType Basic AuthName MyAuthName AuthUserFile "installdir/apache2/APPNAME_users" Require valid-userIn addition, find the line containing Require all granted in the same file and comment it by placing a hash (#) symbol before it, as shown below:
# Require all grantedIf your application has a proxy, add the following lines at the end of the file:
... <Location /> AuthType Basic AuthName "Authentication required" Require valid-user AuthUserFile "installdir/apache2/APPNAME_users" </Location> </VirtualHost> -
Edit the installdir/apache2/conf/vhosts/APPNAME-https-vhost.conf file to add the following lines:
<VirtualHost 127.0.0.1:443 _default_:443> ... <Directory "installdir/APPNAME"> ... AuthType Basic AuthName MyAuthName AuthUserFile "installdir/apache2/APPNAME_users" Require valid-userIn addition, find the line containing Require all granted in the same file and comment it by placing a hash (#) symbol before it, as shown below:
# Require all grantedIf your application has a proxy, add the following lines at the end of the file:
... <Location /> AuthType Basic AuthName "Authentication required" Require valid-user AuthUserFile "installdir/apache2/APPNAME_users" </Location> </VirtualHost> -
Restart the Apache server:
$ sudo installdir/ctlscript.sh restart apache
Approach B: Self-contained Bitnami installations
-
At the console, type the following commands. Remember to replace APPNAME, USERNAME and PASSWORD with the application name (for example, wordpress), and desired username and password, respectively.
$ sudo installdir/apache2/bin/htpasswd -cb installdir/apache2/APPNAME_users USERNAME PASSWORD -
Edit the installdir/apps/APPNAME/conf/httpd-app.conf file to add the following lines. In addition, find the line containing Require all granted line in the same file and comment it by placing a hash (#) symbol before it, as shown below:
<Directory "installdir/apps/APPNAME/htdocs"> ... AuthType Basic AuthName MyAuthName AuthUserFile "installdir/apache2/APPNAME_users" Require valid-user ... <IfVersion >= 2.3> # Require all granted </IfVersion> ... </Directory> -
If your application has a proxy, add the following lines at the end of installdir/apps/APPNAME/conf/httpd-app.conf file:
<Location /> AuthType Basic AuthName "Authentication required" Require valid-user AuthUserFile "installdir/apache2/APPNAME_users" </Location> -
Restart the Apache server:
$ sudo installdir/ctlscript.sh restart apache
When accessing the application, you will see the following authentication popup window. Enter the username and password that you have defined in the first step:
To change the password later, run the htpasswd utility without the -c switch and replace the USERNAME placeholder with the username of the account you wish to modify:
$ sudo installdir/apache2/bin/htpasswd installdir/apache2/APPNAME_users USERNAME
To add another user to the same file, run the htpasswd utility without the -c switch and replace the USERNAME and PASSWORD placeholders with the new username and password you wish to add.
$ sudo installdir/apache2/bin/htpasswd -b installdir/apache2/APPNAME_users USERNAME PASSWORD