Department of Mathematics FAS Harvard University One Oxford Street Cambridge MA 02138 USA Tel: (617) 495-2171 Fax: (617) 495-5132
FAS Computer Services to Harvard University IT: (617) 495-7777.

Restricting access

htaccess allows you to restrict website access. It is possible to restrict, from where the page can be read. It is also possible to have the directory protected by a password.

The apache webserver at the Mathematics department is configured, so that users can use htaccess. Note that htaccess restricts access in a secure way only for people accessing the page from outside the department through a web browser. Any person with an account on this computer will be able to read the content in your "www" directory, also if it is protected by htaccess.

The following notes applies also for FAS webpages, where a subdirectory of the "public_html" directory can be protected.

Setting up a password protected directory

Edit a file ".htaccess" containing the following 6 lines

AuthUserFile /math1/euler/www/protected/.htpasswd
AuthName Protected
AuthType Basic

require valid-user

where "euler" has to be replaced with your login name. Place this into the directory you want to protect.
Inside that directory, type

/usr/local/apache2/bin/htpasswd -c /home/math1/euler/www/protected/.htpasswd xxx

where xxx is the login name you want to use for that directory. You will have to provide a password twice. (On FAS course websites, the htpasswd program is at a different place, "htpasswd" alone suffices.)

Finally, assure that the directory and its contents are world readable. Also the file .htpasswd containing the encrypted password has to be accessible!

Here is a folder which is protected like that.

Making a directory accessible from within Harvard only

In order to make the site accessible only from within Harvard, do as above but replace the file ".htaccess" with content

order deny,allow
deny from all
allow from 140.247 128.103

Here is a folder which is protected like that.

Redirecting access

htaccess also allows you to redirect access from one location to an other location. While we do not recommend to use this, it can make sense for particular situations. Assume you have a file .htaccess in a directory with the content

RewriteEngine on
RewriteRule ^google.html://

Then every request to the file "google.html" will be redirected to the actual google page.

Simplicity, Clarity, Generality B.W. Kernighan, R. Pike, in "The Practice of Programming".