Apache HTTP Server Version 2.2
|Description:||User authentication using text files|
|Compatibility:||Available in Apache 2.1 and later|
This module provides authentication front-ends such as
to authenticate users by looking up users in plain text password files.
Similar functionality is provided by
|Description:||Sets the name of a text file containing the list of users and passwords for authentication|
AuthUserFile directive sets the name
of a textual file containing the list of users and passwords for
user authentication. File-path is the path to the user
file. If it is not absolute, it is treated as relative to the
Each line of the user file contains a username followed by
a colon, followed by the encrypted password. If the same user
ID is defined multiple times,
use the first occurrence to verify the password.
which is installed as part of the binary distribution, or which
can be found in
src/support, is used to maintain
the password file for HTTP Basic Authentication. See the
man page for more details.
Create a password file
username as the initial ID. It will prompt for
htpasswd -c Filename username
Add or modify
username2 in the password file
htpasswd Filename username2
Note that searching large text files is very
AuthDBMUserFile should be used
If you are using HTTP Digest Authentication, the
htpasswd tool is not sufficient.
You have to use
instead. Note that you cannot mix user data for Digest Authentication
and Basic Authentication within the same file.
Make sure that the
stored outside the document tree of the web-server. Do
not put it in the directory that it protects.
Otherwise, clients may be able to download the