Enabling HTTP Authentication for Private Drupal Site
Drupal htaccess
At KnackForge we try to follow best practices in all our development processes. The list includes protecting development and stage sites from unauthorized access and search engines. HTTP authentication has been the simple and prime option of our choice. The steps involved in this process are fairly minimal and depend on apache's .htaccess file. Thus needs no restart to the webserver.
[[{"type":"media","view_mode":"media_original","fid":"93","attributes":{"alt":"","class":"media-image","typeof":"foaf:Image"}}]]
Step 1 : Create passwd file
# htpasswd -c /etc/apache2/passwd/drupal7 sivaji
New password:
Re-type new password:
Adding password for user sivaji
command htpasswd manages the password in a flat-file. The arguments /etc/apache2/passwd/drupal7 and sivaji represent the password file path and username respectively. Change the above to match your requirements. For convenience, I chose the default Apache configuration path and the name could be any valid string that you wish to use at the time of authentication. Issuing the above command will prompt you to enter the password and the same will be used at the time of authentication.
Step 2 : Changing file path (optional but recommended)
# chmod 644 /etc/apache2/passwd/drupal7
Step 3 : Add config to Drupal's .htaccess
Add the below config lines to the end of .htaccess file.
AuthType Basic
AuthName "Drupal 7 protected site authentication required."
AuthUserFile /etc/apache2/passwd/drupal7
Require user sivaji