How to Create the /etc/httpd/passwords File and Configures a Password for Apache User?

When running a web server, it is crucial to secure access to certain directories or applications. Apache, one of the most popular web server software, provides a feature called Basic Authentication to restrict access to specific resources. To enable Basic Authentication, you need to create a password file and configure a password for the Apache user. In this guide, we will walk you through the steps to create the /etc/httpd/passwords file and set up a password for the Apache user.

Step 1: Create the Password File:

To begin, we need to create the password file that will store the login credentials for Basic Authentication. Open your terminal or SSH into your server and execute the following command:

sudo htpasswd -c /etc/httpd/passwords apacheuser

This command creates the password file at /etc/httpd/passwords and prompts you to enter a password for the user ‘apacheuser’. Replace ‘apacheuser’ with the desired username.

See also  How to Remove "Fedora Test Page" on Fedora 16 Linux Server

Step 2: Enter the Password:

After running the previous command, you will be prompted to enter and confirm the password for the ‘apacheuser’. Type in the password and press Enter. Make sure to choose a strong password to enhance security.

Step 3: Verify the Password File:

To verify that the password file has been created and the password has been set, you can use the cat command to display the contents of the file:

cat /etc/httpd/passwords

This command will show you the username and the encrypted password for the ‘apacheuser’ in the password file.

See also  How to Change Apache HTTP and HTTPS Ports in Linux (Ubuntu/CentOS)

Step 4: Configure Apache:

Now that the password file is created and the password is set, we need to configure Apache to use Basic Authentication. Open the Apache configuration file in a text editor. The location of the file may vary depending on your operating system and Apache version, but it is commonly found at /etc/httpd/conf/httpd.conf.

Add the following lines within the appropriate or block:

<Directory /path/to/protected/directory>
    Options Indexes FollowSymLinks
    AllowOverride AuthConfig
    AuthType Basic
    AuthName "Restricted Access"
    AuthUserFile /etc/httpd/passwords
    Require valid-user

Replace /path/to/protected/directory with the actual path to the directory or location you want to protect.

Step 5: Restart Apache:

After making the configuration changes, save the file and restart Apache for the changes to take effect. The command to restart Apache may vary depending on your operating system. Here are a few examples:

sudo service apache2 restart  (Ubuntu/Debian)
sudo systemctl restart httpd  (CentOS/RHEL)
sudo apachectl restart       (General)


In this guide, we have learned how to create the /etc/httpd/passwords file and configure a password for the Apache user. By following these steps, you can enhance the security of your web server by restricting access to specific directories or applications using Basic Authentication. Remember to choose strong passwords and regularly review and update your authentication settings to maintain a secure environment.

See also  How to Setup Zimbra Collaboration Suite 7.2.0 Mail Server on CentOS 6.2 x86_64

Feel free to comment below if you have any questions or suggestions for improvement.


Leave a Reply

Your email address will not be published. Required fields are marked *