Linux: Add New User and Group into .htpasswd

We have several directories which have been restricted to some users in our company. Since they will need to authenticate before able to access the directory via web browser, I need to manage simple Apache user authentication using htpasswd.

User Authentication

To create new password protected directory under /home/website/public_html/secure1, create a new .htaccess file:

$ vim /home/website/public_html/secure1/.htaccess

And enter following line:

AuthUserFile /home/website/.htpasswd
AuthType Basic
AuthName "User Authentication"
Require valid-user

This will tell Apache to refer to .htpasswd for the user authentication data. Now let create a user to be inserted into .htpasswd file:

$  htpasswd -c /home/website/.htpasswd myfirstuser
New password:
Re-type new password:
Adding password for user myfirstuser

Format: htpasswd [options] [location of .htpasswd to be create] [username]

Now you can try to access the secure directory using  website: http://mywebsite.com/secure1. You should able to see login box pop out asking for username and password.

To add another user:

$ htpasswd /home/website/.htpasswd myseconduser

This will insert another line into .htpasswd file. If you see the current value, it should be:

$ cat /home/website/.htpasswd
myfirstuser: Ob5Y/eFTeSXEw
myseconduser: 9oopndPXV7sdE

Group Authentication

In some cases, I need to have a group of people able to access some secure folders. Lets say we have following users:

=================================================================
 USER     | GROUP     | DIRECTORY
=================================================================
 David    | IT        | /home/website/public_html/secure-it
 Nade     | IT        | /home/website/public_html/secure-it
 Mike     | Admin     | /home/website/public_html/secure-admin
 Seth     | Boss      | /home/website/public_html/secure-boss
=================================================================

1. Insert the users into htpasswd file. I will put this under /home/website/.htpasswd:

$ htpasswd -c /home/website/.htpasswd david
$ htpasswd /home/website/.htpasswd nade 
$ htpasswd /home/website/.htpasswd mike
$ htpasswd /home/website/.htpasswd seth

2. Create a htgroup file. This will describe the group for every user. Create a new file /home/website/.htgroup and add following line. Boss group can access all secure directories and others can only access their respective directories:

it: david nade seth
admin: mike seth
boss: seth

3. Apply the access into htacess files for every directories that you want to secure.

For IT group, create new .htaccess file:

$ vim /home/website/public_html/secure-it/.htaccess

And add following line:

AuthUserFile /home/website/.htpasswd
AuthGroupFile /home/website/.htgroup
AuthName "User Authentication"
AuthType Basic
Require group it

For admin group, create new file:

$ vim /home/website/public_html/secure-admin/.htaccess

And add following line:

AuthUserFile /home/website/.htpasswd
AuthGroupFile /home/website/.htgroup
AuthName "User Authentication"
AuthType Basic
Require group admin

For Boss group, create new file:

$ vim /home/website/public_html/secure-boss/.htaccess

And add following line:

AuthUserFile /home/website/.htpasswd
AuthGroupFile /home/website/.htgroup
AuthName "User Authentication"
AuthType Basic
Require group boss

One thought on “Linux: Add New User and Group into .htpasswd

  1. Excellent blog Keep up the good work. Thanks for your hard work and good thinking

    MohanNo Gravatar Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>