Protect directory with username and password

Sheldon2 Comments

 To protect a folder with an password prompt, you only need to place a .htaccess and a .htpasswd into the target directory.

.htaccess

AuthUserFile /root/path/to/.htpasswd
AuthGroupFile /dev/null
AuthName "Title for the popup window"
AuthType Basic
<Limit GET>
require valid-user
</Limit>

.htpasswd

username:NiceCryptOrMD5encryptedPasswordHash

The passwort can be crypted via crypt or MD5.

On http://de.selfhtml.org/servercgi/server/htaccess.htm#verzeichnisschutz you can find a useful hash generator.

If you have a linux shell you can use:

$> htpasswd -c .htpasswd username

Or you can use this little Python script I’ve written:

#!/usr/bin/python
#coding=utf-8
import Tkinter as tk
from random import randint
import tkMessageBox, sys, string, hashlib, crypt

#wrappers for event binding
def showChecksumOnSelect(*args):
    global inputField
    global outputText

    if inputField.get().strip() != "": 
        showChecksum()
    elif outputText.get().strip() != "":
        showChecksum()  
        
def showChecksumOnEnter(event):
    showChecksum()

#defining callback function
def showChecksum():
    global optionList
    global inputField
    global selectValue
    global outputText
    
    """ Display the Entry text value. """
    
    if inputField.get().strip() == "":
        tkMessageBox.showerror("Checksum-Calculator", "Enter a text value for password")
    else:     
        error = 0   
        if selectValue.get() == optionList[0]:
            hash = hashlib.md5(inputField.get().strip()) 
            checksum = hash.hexdigest()            
        elif selectValue.get() == optionList[1]:
            hash = hashlib.sha1(inputField.get().strip()) 
            checksum = hash.hexdigest()
        elif selectValue.get() == optionList[2]:
            saltingChars = './' + string.ascii_letters + string.digits
            max = len(string.ascii_letters) + len(string.digits) + 2 - 1 #64 characters - 1 for index adaption that starts with 0
            salt =  saltingChars[randint(0, 63)] + saltingChars[randint(0, 63)]
            #print('SALT: ' + salt)
            checksum = crypt.crypt(inputField.get().strip(), salt)
        else:
            error = 1
            tkMessageBox.showerror("Checksum-Calculator", "Enter a text value for password")
            
        if error == 0 and checksum:
            #print(checksum)   
            outputText.set(checksum)
            #tkMessageBox.showinfo("Checksum-Calculator", selectValue.get() + " Checksum: " + checksum)            
            
        
        
if __name__ == '__main__':
    
    #defining the main Window
    rootWindow = tk.Tk()
    rootWindow.title("Checksum-Calculation")    
    rootWindow['padx'] = 20
    rootWindow['pady'] = 40    
    
    #label for selectbox
    inputLabel = tk.Label(rootWindow)
    inputLabel['text'] = "Methode wählen: "
    inputLabel.grid(row=0, column=0)
    #inputLabel.pack()
    
    #define selectbox 
    optionList = ('md5', 'sha1', 'crypt')
    selectValue = tk.StringVar() #stringvariable for default
    selectValue.set(optionList[0])
    selectValue.trace('w', showChecksumOnSelect)
    inputField = tk.OptionMenu(rootWindow, selectValue, *optionList)
    inputField['width'] = 50
    inputField.grid(row=0, column=1)
    
    # label for input field
    inputLabel = tk.Label(rootWindow)
    inputLabel['text'] = "Password eingebebn: "    
    inputLabel.grid(row=1, column=0)
    
    #define input field for Password to encrypt
    inputField = tk.Entry(rootWindow)
    inputField['width'] = 50
    inputField['show']='*'
    inputField.bind("<Return>", showChecksumOnEnter)
    inputField.grid(row=1, column=1)
    
    #label for output field
    outputLabel = tk.Label(rootWindow)
    outputLabel['text'] = "Checksum: "
    outputLabel.grid(row=2, column=0)
    
    #define readonly output field 
    outputText = tk.StringVar()
    outputField = tk.Entry(rootWindow, textvariable=outputText)
    outputField['width'] = 50
    outputField['state'] = 'readonly'
    outputField.grid(row=2, column=1)
    
    #define submit button
    button = tk.Button(rootWindow, text="Calculate Checksum", command=showChecksum)
    button.grid(row=3, column=0, columnspan=2)

    rootWindow.mainloop()

You can also download it here: Checksum-Calculation.py

Attention!: You need to install the Python tk package to run the script. On Debian or Ubuntu you can do this with the following command:

$> sudo apt-get install python-tk

More Excamples

# Exclude folder from password check
SetEnvIfNoCase Request_URI "media/*" noauth
 
AuthUserFile /root/path/to/.htpasswd
AuthGroupFile /dev/null
AuthName "Nice Popuptitle"
AuthType Basic
 
# only for GET Requests
<Limit GET>
        require valid-user
</Limit>
 
Order allow,deny

# Exclude folder from above
Allow from env=noauth
 
# IP exception
Allow from 8.8.8.8 
 
# Exclude a whole net
Allow from 8.8 
 
# if one of the rules was true, no password is requested 
but if the following rule was set, all facts have to fit
Satisfy any

Allow all image requests

For example, if you wish to use images in an test email.

<FilesMatch "\.(png|jpe?g|gif)$">
  Satisfy Any
  Allow from all
</FilesMatch>

Allow special paths

Attention: This denies all other paths.

# Set a variable if the url matches a certain pattern
SetEnvIf Request_URI "^/admin.*$" AdminUri
 
# password protection
AuthName "Password protected area"
AuthType Basic
AuthUserFile ./.htpasswd
Require valid-user
 
# Exclude if variable was set
Order Deny,Allow
Deny from all
Allow from env=AdminUri
Satisfy any

More information

2 thoughts on “Protect directory with username and password

  1. Pingback: Reset the password for user in Contao database | Bravehartk2's Blog
  2. Pingback: Base64 encode on shell | Bravehartk2's Blog

Leave a Reply

Your email address will not be published. Required fields are marked *

 

This site uses Akismet to reduce spam. Learn how your comment data is processed.