UC Santa CruzInstructional Computing
ITS Home About ITS IC Services News Tutorials Technologies About IC Help

Restricting access to your course web site

This document explains how to give your pages password protection or restrict access by IP addresses or domains.

Note: This document assumes that you are able to access the webserver via Secure Shell (SSH) or FTP, and are familiar with basic UNIX commands such as editing a file, or uploading one via FTP. If you would like assistance, please contact fitc@ucsc.edu.

Access restriction is done at the directory level; you cannot restrict access to a single file (except by putting the file in a directory and restricting access to that directory). To restrict access to a directory, you need to create a file called .htaccess in the directory. You can create the file using any text editor such as Windows Notepad, SimpleText, or pico.

Restricting by domain:

Insert the lines on the right into your .htaccess file to restrict the directory to computers on the UCSC network.

You could also specify IP domains by number, or even specify a specific IP address. To make it accessible from more than one domain, list the domains in "allow from x" statements one right after the other.

.htaccess file:

<Limit GET POST>
order deny,allow
deny from all
allow from XXX.YYY.ZZZ
</Limit>

Example .htaccess file limiting access to just computers at UCSC and a computer at home with an IP address of 163.28.49.200:

<Limit GET POST>
order deny,allow
deny from all
allow from ucsc.edu
allow from 163.28.49.200
</Limit>

Restricting by password:

Insert the lines on the right into your .htaccess file to have password protection on a directory.

Example .htaccess file limiting access to the Linguistics 101 web site to people who use the correct

Change the variables DIR_NAME, HTPASSWD_DIRECTORY, and NAME to the actual values.

  • DIR_NAME is the directory name users will see when they are prompted for a user login name and password, so you will probably want to use something like "Biology 101" or whatever the name of your course is.
  • HTPASSWD_DIRECTORY is the directory name where you will store the password file. Unless you have a good reason to keep it somewhere else, we recommend you store it in your home directory, the one just above the public_html directory. You need to specify the full path to this directory, which on ic.ucsc.edu is always /home/people/YOURNAME/
  • NAME is the user login name people will use to access your directory.

.htaccess file:

AuthName DIR_NAME
AuthType Basic
AuthUserFile HTPASSWD_DIRECTORY/.htpasswd
<Limit GET POST>
require user NAME
</Limit>

Example .htaccess file limiting access to the Linguistics 101 course directory to people who login using the name "bananaslug." The Linguistics 101 course directory is in Prof. Slug's directory (ic.ucsc.edu/people/~slug):

AuthName "Linguistics 101"
AuthType Basic
AuthUserFile /home/people/slug/.htpasswd
<Limit GET POST>
require user bananaslug
</Limit>

Now you need to create a .htpasswd file in your home directory. Just as before, the variables HTPASSWD_DIRECTORY and NAME will be replaced with actual values.

Here you will need to log in using your shell account in order to run the following command from the unix prompt.

/home/local/apache/bin/htpasswd -c /HTPASSWD_DIRECTORY/.htpasswd NAME

For example, the .htpasswd file for the Linguistics 101 example above would use this command:

/home/local/apache/bin/htpasswd -c /home/people/slug/.htpasswd bananaslug

After running that command, you will be prompted to enter a password twice.


If you're having problems:

Make sure that the global read bit is set on the .htaccess and .htpasswd files. Run the commands shown below, where the variable PROTECTED_DIR is replaced with the full path to the directory you are password-protecting.

chmod ugo+r PROTECTED_DIR/.htaccess
chmod ugo+r HTPASSWD_DIRECTORY/.htpasswd

For example, in the "Linguistics 101" example, the commands would be as follows, assuming that the name of the protected directory is ling101:

chmod ugo+r /home/people/slug/public_html/ling101/.htaccess
chmod ugo+r /home/people/slug/.htpasswd

Please use the form below to tell us what you think of this page.


USCS Faculty Instructional Technology Center
2006-2007
Last updated 4/19/2007