I am working with an Ubuntu appliance on Amazon web services so it comes with a few basic tools and I installed apache myself from the command line. The following lists the steps you need to use in order to enable digest auth on a directory.
Firstly some context. I wanted to use a simple alias in the url (/demo/) to point to a differently named directory in my home directory (/acmedemo/) and lock it down to a single web user called demouser. Also note that the default username for the Ubuntu appliances on aws is ubuntu.
- Run sudo a2enmod auth_digest since it is likely it was not installed in the base install
- Run htdigest -c pwdfilename realmname demouser NOT as sudo in your home directory. The realm name can be anything but will need to match the apache config for this restricted area. This will ask for a password for demouser and then create a file with the user name, realm and hashed password in it. If you want to add additional users, run the same command without the -c
- Put your web site into a sub-directory of home (or anywhere else but this is good enough and easier to backup!), in my case /acmedemo/. This means the first file will be /home/ubuntu/acmedemo/index.html
- Edit /etc/apache2/sites-available/default (or other server configs, these can be set locally in htaccess and other places but this is the simplest case). Add in the following section:
The settings should be fairly obvious and the names need to match what you have done. If you are struggling to get it working, from experience, start with what I've done and just change one thing at a time. Changing the password filename and the realm and the web user etc. all at the same time makes it harder to debug. If you want to require any valid user, change the last entry to Require valid-user Once you're done, run sudo service apache2 restart and if you get any errors, use tail /var/log/apache2/error.log
Alias /demo/ "/home/ubuntu/pixelpindemo/" <Directory "/home/ubuntu/pixelpindemo/"> Options Indexes FollowSymLinks MultiViews AllowOverride AuthConfig Order allow,deny Allow from all AuthType Digest AuthName "pixelpin" AuthDigestProvider file AuthUserFile /home/ubuntu/basicpwd Require user demouser </Directory>