As you have seen in the other documents in this section, in order to protect your web site using password authentication, you will inevitably need to create an .htaccess file. The mkhtaccess command was created in order to assist you in building your .htaccess files error free.

Here are the mkhtaccess command-line options:

-a <message> - change authorization title (default: “Authorization Required”) -d <dist> - allow users in distribution list <dist> -f - force output file to be overwritten if it exists -g <group> - allow group <group> -G <file> - specify Apache user-defined groups file -o <file> - output to <file> instead of standard out -u <user> - allow user <user> -U <file> - specify Apache user-defined password file -S - use system password file/group file

The best way to look at how mkhtaccess works is with a few simple examples.

Create an .htaccess file for a web site that permits access to anyone with a valid account on our systems:

mkhtaccess -S -o .htaccess

Create an .htaccess file for a web site that permits access to only users in group faculty or tech, or system user ulya:

mkhtaccess -S -g faculty -g tech -u ulya -o .htaccess

Taking the last example, now allow all CSE1020 students to access the site as well:

mkhtaccess -S -g faculty -g tech -d /cs/dept/dist_archive/2005-06/W/CSE1020M -o .htaccess

Why not add CSE1030 students as well:

mkhtaccess -S -g faculty -g tech -d /cs/dept/dist_archive/2005-06/W/CSE1020M -d /cs/dept/dist_archive/2005-06/W/CSE1030M -d /cs/dept/dist_archive/2005-06/W/CSE1030N -o .htaccess

mkhtaccess will also work with web sites that implement ONLY user-defined usernames and passwords and groups.

Allow any user in the user-defined password file /tmp/userfile (created with htpasswd) access to the site:

mkhtaccess -U /tmp/userfile -o .htaccess

You can even combine both user-defined usernames and passwords and system-defined usernames and passwords or groups. For example, to allow all users in 1020, or users defined in the password file “/tmp/userfile”:

mkhtaccess -S -U /tmp/userfile -d /cs/dept/dist_archive/2005-06/W/CSE1020M -o .htaccess

As you can see, mkhtaccess can be used to build any of the .htaccess files referred to in the web documentation on Password-Protecting Web Areas. If you have needs that differ, you can always create your .htaccess file manually.

Full details on Apache authentication can be found in the Apache authentication documentation.

Notes

If your .htaccess file already exists, and you are rebuilding it, use the -f flag to mkhtaccess to overwrite the file.

You must specify -S, -U, and -G options to mkhtaccess before -d, -g, or -u.

If you do not specify any users, groups, or distribution lists, any valid user will be allowed access.

When specifying the paths to a user-defined password file, group file, or even distribution lists, you can use relative paths. The program will convert them to absolute paths.

If you intend on protecting your web site using course distribution lists, please keep a few things in mind:

  The distribution lists are updated on a daily basis, so you will need to re-update your .htaccess file on a daily basis.

  In order to schedule automatic updates to your .htaccess file, please see the system manual pages for cron and crontab.

  If you automate the daily rebuild of your .htaccess file through cron, keep in mind that you probably want to use the distribution files in /cs/dept/dist_archive instead of /cs/dept/dist. While /cs/dept/dist is a symlink to the distribution lists in the current session and term, this is a link that changes at the beginning of a new term, which would automatically remove all access to your site at a time that may not be convenient for you.