Terminal and Apache: did I hurt anything?
Felling like working above my station I though I'd try to figure out if I could password protect files that I put on line to share via 10.2's built-in Apache server.
I was following the instructions at the O'Reilly Network and I used the command:
htpasswd -c /Library/WebServer/.htpasswd dan
and saw
New password: ********
Re-type new password: ********
Adding password for user dan
Here, dan is the user to be added. I used dan by mistake once then tried again with a user of my own creation.
Now, I know nothing about UNIX so I stopped there, but I just want to make sure I didn't cause any lasting damage to my system. What did concern me is when I entered
/Library/WebServer/.htpasswd
as suggested to see the list of users I added I'm given an access denied notice.
Any help from the UNIX Gods out there would be most appreciated. That'll teach me to stop playing with the Terminal!
(Though I am still wondering if there is an easy way to password protect files you want to web share through OS X)
I was following the instructions at the O'Reilly Network and I used the command:
htpasswd -c /Library/WebServer/.htpasswd dan
and saw
New password: ********
Re-type new password: ********
Adding password for user dan
Here, dan is the user to be added. I used dan by mistake once then tried again with a user of my own creation.
Now, I know nothing about UNIX so I stopped there, but I just want to make sure I didn't cause any lasting damage to my system. What did concern me is when I entered
/Library/WebServer/.htpasswd
as suggested to see the list of users I added I'm given an access denied notice.
Any help from the UNIX Gods out there would be most appreciated. That'll teach me to stop playing with the Terminal!
(Though I am still wondering if there is an easy way to password protect files you want to web share through OS X)
Comments
sudo /Library/WebServer/.htpasswd
is the correct answer.
Originally posted by Gabid
Now, I know nothing about UNIX so I stopped there, but I just want to make sure I didn't cause any lasting damage to my system. What did concern me is when I entered
/Library/WebServer/.htpasswd
as suggested to see the list of users I added I'm given an access denied notice.
Nothing wrong with that. When you type "htpasswd -c _file_path _user", a new file "_file_path" is created (the -c option). Then you'll be asked for the password. It will be hashed, then both, your user name and the hash are written to the file _file_path, which then contains the following line:
_user
When you typed "/Library/WebServer/.htpasswd", you got an error because you tried to execute that file (as if it was a program), however, it's just an ordinary text file which can't be executed. To see what's in the file, type:
cat /Library/WebServer/.htpasswd
(cat is a program which prints text files)
If I were you, I wouldn't use a hidden file (leading dot) to store the info. Type:
rm /Library/WebServer/.htpasswd
(deletes the file you've created)
mkdir /Library/WebServer/htpasswd
(creates a new directory "htpasswd")
htpasswd -c /Library/WebServer/htpasswd/my_secure_area_bla_1 dan
(creates a new password file inside the new folder and adds user "dan")
To add more users, enter the line above without the -c option. Type "man htpasswd" to learn more about the options.
You can now browse everything without the terminal, also you can open the file with any OS X text editor to see what's in it.
Of course, you still have to write an .htaccess file (here, the dot is needed), but this should actually be explained on o'reilly's page.
EDIT: Had a look at the o'reilly page, seems to be explained pretty good. They use "less /Library/WebServer/.htpasswd" to view the .htpasswd file. (with "less" you can navigate through files instead of just dump them to the terminal as with "cat")