Creation and location of the password file: the htpasswd utility
Assignment: Use htpasswd to create a password file.
Select a secure location.
Create the first user.
Create a subsequent user.
Configuring the server to request a password and authenticate the user:
Note that you can do this in a .htaccess file OR in a Directory container!
Require user User_Name
Similarly, requiring group membership:
Require group Group_Name
Allowing Authentication in Directory Containers: Just use the Directives above!
Allowing Authentication in .htaccess files:
Assignment: Set up a secure directory using an .htaccess file.
First, require a user name and password.
Next, modify the configuration to allow only one host access without a password. Other users must be required to supply a password.
For the next iteration, require both.
Next, allow GET but deny POST.
Finally, eliminate support for .htaccess files, but secure one directory in the web filesystem.