Results 1 to 5 of 5

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.

Thread: Password Protection for Apache

  1. #1
    Default Password Protection for Apache
    I'm using Apache on my iPhone to serve personal files, such a bank account numbers and what not. While I understand that it's fairly unlikely that someone will connect to my iPhone is a web browser, I would feel much more comfortable having the files in a password protected directory. I've tried using .htaccess to password protect files and directories, but Apache seems to ignore .htaccess. Is there any simple way to use .htaccess for password protection on the iPhone?


  2. #2
    Josh, it's definitely possible, and IMO, a good idea, especially if you're on a public network.

    I use lightpd, and while I found a lot of info on doing this with Apache, and had to work pretty hard to figure out how to do it with Lighttpd. I ended up writing instructions for myself only for that, but the general principles involved should help you do it with Apache.

    Lighttpd was missing the command htpasswd, so I ended up installing Apache temporarily, just to copy that file. You'll already have it so just:

    - SSH in as root from your computer.
    - htpasswd -c /usr/local/etc/apache-htpasswd.user [username]
    - you'll be prompted for a password, and then to confirm it.

    - Now the password file is there.

    Now add something like this to the apache.conf file:

    auth.backend = "htpasswd"
    auth.backend.htpasswd.userfile = "/usr/local/etc/apache-htpasswd.user"
    auth.require = ( "/ProtectedDocs/" =>
    "method" => "basic",
    "realm" => "Documents",
    "require" => "user=yourusername"
    "/AnotherDir" =>
    "method" => "basic",
    "realm" => "Documents",
    "require" => "user=yourusername"

    Then, of course, you need to restart the server so it will use the new configuration.

    The basic elements are:

    - Create the password (in a directory not available to the server)
    - Add the instructions to your configuration file to use the password, where it is stored, and which directories to protect.

    This is working great for me, but I don't claim to have much knowledge about it beyond what I've described. As I say, I pieced it together from the Apache info I found. If you do a search on "Apache" "htpasswd" you should find several step by step instructions.

  3. #3
    Where do I find the apache.conf file?

  4. #4
    Sorry, I believe it's actually called httpd.conf and is located here:

    / etc / httpd / httpd.conf

    but I only used Apache for a very short time before switching to lighttpd, so I could be wrong

    Here's a link to one of the many Apache guides I used to figure it out for lighttpd:
    Last edited by DaveiPhone; 2008-01-03 at 11:14 PM.

  5. The Following User Says Thank You to DaveiPhone For This Useful Post:

    joshuatw (2008-01-04)

  6. #5
    That was the correct file. Thanks for the link, it was very helpful.

Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts