Sometimes, you must protect your site in ISPConfig with a standard pass or HTTP auth. Here are a few easy steps to do it. I will describe it from the administrator’s view. The manual is for the apache2 server.
- login to your server via SSH
- cd to web folder the path is in a format like /var/www/[website]/web/
- create the .htpasswd file, you can use the htpasswd utility. the command is htpasswd -c .htpasswd [user] you will be then prompted for password
- setup right owner and access rights
- chown [webid]:[clientid] .htpasswd – you can get website id and client id from other files in a folder so just print files ls -la
- chmod 640 .htpasswd
- login to your ISPConfig web interface and go to setting for your site, in option tab add this to your Apache directives the directives are for reverse proxy. If you need it for standard website you can omit the proxy pair tags. Or use the directory or location type of tags.
<Proxy *>
AuthType Basic
AuthName "Restricted Access"
AuthUserFile {DOCROOT}/.htpasswd
Require valid-user
</Proxy>
Now, after you try to access the website there will be an auth dialog.