Password Protection for Web Sites: Quick and Easy
Customers commonly want to create sections of their web sites that are password protected — so only authorized users can access specific pages, downloads, or other content. In most cases, setting this up requires some technical know-how and messing with “htaccess” and “htpasswd” files — in general, it can be a pain to do it “manually”.
LuxSci has a web site password protection tool integrated into its web site management console. Use of this tool makes password protection and management of the users (and user groups) very simple.
How To Set It Up
An existing LuxSci customer would:
- Create the physical directory in the web site: using FTP, SFTP, or our Secure Web-Based File Manager.
- In the LuxSci Web Site Administration Area:
- Click on “Define Passwords”
- Enter the username/password combinations for each of your web site “users”. (Note that these are different from and independent of any of your LuxSci users).
- If you like, define one or more “groups” of users. Groups allows you to manage access “in bulk” and is great if you will have many different password protected areas in the same site.
- Configure a “New Directory” under “Directory Settings”. E.g., if you are protecting “https://yoursite.com/secure”, then define the directory “/secure”.
- Enable “Password-protect this directory” in the configuration.
- In the “Password Protection” area that appears once “Password-protect” is enabled, you can specify who can read pages and who can write to / upload pages. You can select “no one”, “any one”, “specific users” and/or “specific groups”
- Click on “Define Passwords”
How It Works
The password protection system creates the htpasswd and htgroup files for you and saves them in a secure location in your web site directory (one not accessible to web visitors; you can upload and edit these files directly if you so desire). The actual enabling of the password protection is done in the central web server configuration — so no “htaccess” file is needed and any existing htaccess file that you may be using on your site is unaffected/untouched.
Updating user and group access is as simple as going back into your web site configuration area and updating the settings therein.
Works with WebDAV
If you are using WebDAV to have a shared file space on your web server that users can upload and download files to/from, the password protection tools work here as well. You can specify exactly who gets “read only” access to the space and who is permitted to “write” (i.e. upload and delete things). Enabling directories for WebDAV access is as simple as checking the “Enable WebDAV” check box in your web site directory configuration page and then setting up the user access lists in the Passwords Protection area.
Works with Secure and Insecure Web Sites
LuxSci’s password protected directory tool works with both secure and insecure web site areas. With a secure web site, the passwords and usernames are communicated securely over SSL.