views:

1457

answers:

2

How can I password protect my website during development with htaccess in Cakephp?

  • which htaccess file do I have to change?
  • what do I have to write in the htaccess
  • where do I put the .htpasswd?

I searched google for that but couldn't find anything useful, I hope you could help me!


Thanks Till that helped me solve the problem!

For CakePHP-Users: - Modify the .htaccess in /app/webroot/ - add something like that at the beginning of the .htaccess-file:

AuthName "Restricted Area" 
AuthType Basic 
AuthUserFile /complete/path/to/.htpasswd
AuthGroupFile /dev/null 
require valid-user

Now create the .htpasswd-File in /app/webroot/ and drop something like this in:

admin:PASSWORD

The "PASSWORD" is a transformed version of your real password, I created it with this tool: http://tools.dynamicdrive.com/password/

I think there are much more ways to create this, but for me it worked and maybe this helps other cakephp users too.

+5  A: 

You probably have a .htaccess in your document root, so you would add to this file since it's the first so to speak -- if you want to protect the entire website. Otherwise add a .htaccess file in the directory you wish to protect.

Then, check out this howto: http://httpd.apache.org/docs/2.2/howto/auth.html

In a nutshell, this is what you add:

AuthType Basic
AuthName "dev"
AuthUserFile /complete/path/to/.htpasswd
Require valid-user

The command to add users is:

htpasswd -c /complete/path/to/.htpasswd yourusername

Make sure you read the above howto anyway!

Till
A: 

http://snook.ca/archives/servers/password%5Fprotect%5Fadmin/

The first link has information on using .htaccess security from within cake apps. The comments include a >hackish< workaround on how to do this for only the admin routes.

Abba Bryant