In case you missed it, you can read the first part of the .htaccess Reference…
.htaccess is a configuration file used on Apache and other nix servers. It is one of the most configurable and powerful tools for website functionality, security, and search engine optimization. Here is a comprehensive reference.
(Hypertext Access) is the default name of Apache’s directory-level configuration file. It provides the ability to customize configuration directives defined in the main configuration file. The configuration directives need to be in .htaccess context and the user needs appropriate permissions.
Statements such as the following can be used to configure a server to send out customized documents in response to client errors such as “404: Not Found” or server errors such as “503: Service Unavailable” (see List of HTTP status codes):
ErrorDocument 404 /error-pages/404.html
ErrorDocument 503 /error-pages/503.html
When setting up custom error pages, it is important to remember that these pages may be accessed from various different URLs, so the links in these error documents (including those to images, stylesheets and other documents) must be specified using URLs that are either absolute (e.g., starting with “http://”) or relative to the document root (starting with “/”). Also, the error page for “403: Forbidden” errors must be placed in a directory that is accessible to users who are denied access to other parts of the site. This is typically done by making the directory containing the error pages accessible to everyone by creating another .htaccess file in the /error-pages directory containing these lines:
Allow from all
- 1 Password protection
- 2 Enable SSI
- 3 Deny users by IP address
- 4 Change the default directory page
- 5 Redirects
- 6 Prevent hotlinking of images
- 7 Standardise web address to require www with SEO-friendly 301 Redirect
- 8 Directory rules
- 9 User permissions
- 10 Other uses
- 11 See also
- 12 External links
Make the user enter a name and password before viewing a directory.
AuthName "Protected Directory"
<Limit GET POST>
require user newuser
The same behavior can be applied to specific files inside a directory.
AuthName "Protected File"
Now run this command to create a new password for the user ‘newuser’.
htpasswd /home/newuser/www/stash/.htpasswd newuser