How to password protect my web sub-directories?

[lucorium]

Does anybody know how to password protect some files and/or folders form visitors?

I got to this page but i believe this is only for apache server.
http://tools.dynamicdrive.com/password/

Thanks,
Lucas.

[Moxxnixx]

Hi Lucas,
The easiest way to do this in Abyss is to use the Users and Groups and Access Control features.
It works the same way as using an htpasswd file.

By default, Access Control only works for items and folders located in htdocs.
If you want it to work for anything outside of htdocs, you must set an Alias for it.

[aprelium]

lucorium,

Here is a small example to understand how to use password protection in
Abyss Web Server:

Assume that you have a subdirectory named /photos in your documents path (usually htdocs). Let's say you want to restrict access to this subdirectory (/photos) to your friends jack and mary.

First, you will have to declare the two users:
* Open the console
* Select Hosts > Configure > Users and Groups
* Press Add in the Users table
* Enter jack in the user name field and enter twice the password jack
will use to access restricted parts of your web site
* Then press OK
* Again, press Add in the Users table and declare the user mary the same way you did with jack.

Now press OK in the Users and Groups page and select Access Control. Press Add in the displayed table. Enter /photos in the virtual path field, enter a small description of the restricted area in the Realm field, for example "My Photos" (without " of course). Then check the checkboxes in front of the two users jack and mary in the Users table and verify that the order is allow/deny. Press OK and press Restart now.

Try to go to /photos using your browser (for example, using
http://127.0.0.1/photos ) and you be asked to enter your credentials. More information about deny/allow meanings is available in the documentation which ships with the web server.

Note that Abyss Web Server offers more flexibility as you can also set access rules for individual files (you can select them directly by using the Browse button next to the Virtual Path field). You can also set access rules for file/directory patterns using wildcards. For example, you can protect /music/*.mp3 (which means all the files in /music which extension is mp3). To protect all the web site, use / (a single slash) as the virtual path of the access rule.

For more information and examples, we recommend having a look on Abyss Web Server user's guide.
_________________
Support Team
Aprelium - http://www.aprelium.com

[lucorium]

Thank you guys, works like a charm!

Lucas.

[lucas22]

I'v follow exactly, step by step, example above, but it simply won't work.
I can still access (or everyone else) this specific subdirectory (subpage) without entering credentials??

Any idea?

[AbyssUnderground]

[lucas22]

I'v try every possible combination that is available in Access control and User and Groups.
It won't work.

[AbyssUnderground]

[lucas22]

Ok, i have consider your proposal and done everything all over again.
And? Nothing has changed. Everything seem so simple and logic (manual, configuration) and yet, won't work!

It's hard to imagine, i know.

[loloyd]

Giving us a backgrounder of your Abyss configuration would help us figure out how to solve your problem, lucas22.

For instance, how did you set up your user or users? Next, what entry or entries did you put in the "Password Protected Virtual Paths" setting under Access Control? It would be better if you could make up a test user account and a test path for this purpose so you won't unnecessarily expose to us your secret paths.
_________________

http://home.loloyd.com/ is online if the logo graphic at left is showing.

[lucas22]

I have performed an upgrade from v2.4 to v2.5 today and at first there was no difference. I noted also, that i have enabled anti-hacking protection and just of curiosity i'v disabling that.
And it works!!

Of course, i enable it again and it still works... :) I still haven't find what was wrong in the first place...

[loloyd]

ah, the gods of voodoo IT must be playing with ya'. :-P

don't fret. sometimes those weird things happen to us too.
_________________

http://home.loloyd.com/ is online if the logo graphic at left is showing.