Apache/htaccess – password protect a site by domain name

.htaccessapache-2.2passwordpassword-protected

Is it posible to protect a website if the site was called by a given domain name?

e.g.

www.domain.com -> no password protection
www.domain.net -> password protection

Both of the URLs are routed to the same document root.

Best Answer

If you have multiple virtualhosts, you can add password protection to one and not the other via the following directive:

<VirtualHost *:80>
DocumentRoot /www/example1
ServerName www.example1.com
</VirtualHost>

<VirtualHost *:80>
DocumentRoot /www/example1
ServerName www.example1.org
<Directory "/www/example1">
AuthType Basic
AuthName "Protected Site"
AuthUserFile /etc/httpd/passwd
Require user joeuser
</Directory>
</VirtualHost>

Here is more information on this:

http://httpd.apache.org/docs/2.0/howto/auth.html

Related Solutions

How to password protect the domain with htaccess

So, you want it to require a password for / and /index.html but not anything else?

Add:

<Location />
Require valid-user
</Location>

Security – Where should I put the htpasswd file in a plesk domain for use with .htaccess

I usually place it in /etc/httpd/ if it's used by multiple vhosts, if only used by one domain then one dir above the webroot would do as well. You can place it in the webroot as well just make sure there's a rule denying access to files with it's naming convention(usually in place by default):

<Files ~ "^\.ht">
  Order allow,deny
  Deny from all
</Files>

Best Answer

Related Solutions

How to password protect the domain with htaccess

Security – Where should I put the htpasswd file in a plesk domain for use with .htaccess

Related Topic