OVH : HtaccessProtection

How to protect directory access with authentication

Introduction
You can do this with an .htaccess file. Before proceeding, it is necessary to clarify a few things about .htaccess files. First, be aware that these are files particular to the web server, and these files do not appear in the directory tree if a user is concerned with access to a browsable directory (which contains no index page, and whose listing is not prohibited). Next, we must take into account the settings specified by a .htaccess file apply to the directory where the file is installed, and any subdirectories from there.

Procedures to follow

CREATE THE PASSWORD FILE

Firstly, create the file containing the list of users who have the right to connect and the password associated with them. In general, you create an .htpasswd file which is then used by the .htaccess file. This is a simple text file, within which you list user names and encrypted passwords. You will find a page on our website that allows you to encrypt a password: http://www.ovh.co.uk/support/tools/crypt_password.pl

Note :
on Windows, you cannot directly create the .htaccess or .htpasswd files. But you can rename these files, transfer them to your web space, and then rename them back to .htaccess or .htpasswd on the FTP client.

After completing the first two fields (the key has two characters of your choice) and click on "encrypt", you will get the encrypted password in the "the captcha". You need to copy the text into the file .htpasswd (see below). The .htpasswd does not have to be in the same location as the .htaccess. For example, you can place it at the root of your hosting, and use it to protect different directories on your site, so one single .htpasswd file can be used by multiple .htaccess files. The .htpasswd should contain a line for user, specifying the user name and password associated with it.

These lines are as follows:

user:encrypted_pasword

Example for user "Admin"
and the password "ovh1234"
This would give the following line: Admin:gl0IiOirI2n6M

Once the .htpasswd file is created, you only need to put it on your hosting and move to the next step: creating the .htaccess files.

Note:
Remember to put a carriage return after the encrypted password.

CREATE THE .htaccess FILE

To block the access to a complete directory, create a text .htaccess file in the following way, and place it in the directory to be protected:

ATTENTION, in the following example you must replace homez.XXX by the number present in the manager.
You'll find it in your OVH Manager under the section:
[Hosting] for the domain name in question,
then [Summary] icon, there you will find the value of the field: "Personal directory:"

AuthUserFile /homez.XXX/your_ftp_login/www/'path_to_the_file_.htpasswd'/.htpasswd
AuthGroupFile /dev/null
AuthName "Restricted access"
AuthType Basic
require valid-user

Note:

For offers Start and 1000gp, the path to put in the AuthUserFile? line is different.
You will find it the activation mail. If not or if you have lost this email, you can use a PHP script or to contact the OVH support to find it.
<?php
echo realpath("path.php");
?>

To block access to one or more specific files, simply add the tags (one FILES tag for each file).

ATTENTION, in the following example, you must replace homez.XXX by the number present in the manager.
You'll find it in your OVH Manager under the section [Hosting] of the domain name in question, then
[Summary] icon, there you will find the value of the field: "Personal directory:"

<Files test.php>

AuthUserFile /homez.XXX/you_ftp_login/www/'path_to_the_file_.htpasswd'/.htpasswd
AuthGroupFile/dev/null
AuthName"Restricted Access"
AuthTypeBasic
require valid-user

</Files>