.htaccess – (hypertext access) additional configuration file for the Apache web server and similar servers.
In order for the file to be processed by the Apache server, the “AllowOverride All” option must be in the configuration file for the specified directory.
I will give below an example of some parameters.
Denying access to all files:
Require all denied
Allow access to everyone:
Require all granted
Allow access from a specific IP (you can specify a few separated by a space):
order deny allow
deny from all
allow from 192.168.5.5 192.168.4.1
Deny access from a specific IP:
order allow deny
allow from all
deny from 192.168.5.5 192.168.4.1
Denying access to a specific file:
<Files file.php>
order allow,deny
deny from all
</Files>
Allow access to the file only locally and for the specified IP addresses:
<Files ixnfo.php>
Require local
Require ip 192.168.5.5 192.168.3.5
</Files>
Restricting access to IP addresses to all files with names beginning with “text…”:
<Files text*>
Require local
Require ip 192.168.5.5 192.168.3.5
# 192.168.5.5 comment
</Files>
Directory password:
AuthName "Hello"
AuthType Basic
AuthUserFile /home/user/.htpasswd
require valid-user
Password for 1 file:
<Files file.php>
AuthName "Hello"
AuthType Basic
AuthUserFile /home/user/.htpasswd
</Files>
Password for a group of files:
<Files "\.(cfg)$">
AuthName "Hello"
AuthType Basic
AuthUserFile /home/user/.htpasswd
</Files>
If the site engine displays its error of opening the page instead of requesting a password, then add the following line to the main .htaccess file:
ErrorDocument 401 default
Redirect to another url:
Redirect / http://www.site.com
Generator .htpasswd: www.htaccesstools.com/htpasswd-generator
You can generate a file from the system command line using the htpasswd utility, in Ubuntu it is installed with the apache2-utils command:
sudo apt install apache2-utils
See also my article:
Access Control Apache2