Password protect a Location, LocationMatch or VirtualHost in Apache (XAMPP and Mac OS X)

Protecting a Location or VirtualHost in Apache is very similar to protecting a folder as I explained in “Password protect a folder in Apache (XAMPP and Mac OS X)“. The first part is just the same, creating a file with the user and password you want to use with the htpasswd command. Again, remember to place this file in a folder where no one can download it from the server.

/Applications/XAMPP/xamppfiles/bin/htpasswd -c /Applications/XAMPP/etc/.htpasswd admin
New password: 
Re-type new password: 
Adding password for user admin

Then go to your configuration file where your <Location>, <LocationMatch> and/or <VirtualHost> tags are and add just the same configuration lines as we did for protecting a folder with .htaccess file. For example to protect the XAMPP special locations open /Applications/XAMPP/xamppfiles/etc/extra/httpd-xampp.conf file and add the lines in bold font:

<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
    AuthName "Protected Area"
    AuthType Basic
    AuthUserFile /Applications/XAMPP/xamppfiles/etc/.htpasswd
    Require valid-user

    Order deny,allow
    Deny from all
    Allow from ::1 127.0.0.0/8 
               fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 
               fe80::/10 169.254.0.0/16

    ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>

To password protect a VirtualHost just edit the /Applications/XAMPP/xamppfiles/etc/extra/httpd-vhosts.conf file and add the same lines to your VirtualHost. For example:

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    ServerName test.local
    ServerAlias test.local
    AuthName "Protected Area"
    AuthType Basic
    AuthUserFile /Applications/XAMPP/xamppfiles/etc/.htpasswd
    Require valid-user
    DocumentRoot "/Users/user/Documents/Webs/test.local"
    DirectoryIndex index.php index.html index.htm
    <Directory /Users/user/Documents/Webs/test.local>
        #IndexOptions +FancyIndexing NameWidth=*
        #Options Includes FollowSymLinks Indexes
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
    ErrorLog "logs/test.local-error_log"
    CustomLog "logs/test.local-access_log" common
</VirtualHost>

The post Password protect a Location, LocationMatch or VirtualHost in Apache (XAMPP and Mac OS X) appeared first on Programming and Technology.