Adding a user on .htpasswd

apache .htpasswd
fishcracker picture fishcracker · Jan 30, 2013 · Viewed 133.7k times · Source

I am using .htpasswd to password protect certain directory on my server. However, I noticed that everytime I do this sudo htpasswd -c /etc/apache2/.htpasswd newuser my current contents of .htpasswd will be overwritten. Every directory of my site has their own user on .htpasswd.

How can I not overwrite instead add a new user on my .htpasswd?

Answer

Corbin picture Corbin · Jan 30, 2013

Exact same thing, just omit the -c option. Apache's docs on it here.

htpasswd /etc/apache2/.htpasswd newuser

Also, htpasswd typically isn't run as root. It's typically owned by either the web server, or the owner of the files being served. If you're using root to edit it instead of logging in as one of those users, that's acceptable (I suppose), but you'll want to be careful to make sure you don't accidentally create a file as root (and thus have root own it and no one else be able to edit it).

Related questions

How to write "if...else" mod_rewrite statements in .htaccess

I've scoured StackOverflow for an answer to this and seen many questions come close, but nothing is working for me yet. I'd like to have my .htaccess apply different rules based on the domain calling it. Basically, if subdomain.example.…

Read More
Apache 2.4 "..authentication failure..:Password Mismatch"

I am running Apache 2.4 in Windows Server 2008 R2. I am attempting to password protect a subdirectory and successfully did so in Apache 2.0. After upgrading I took Apache's advice and am attempting to put the authentication config in httpd.config. I …

Read More
How do I figure out what user & group Apache is running as?

On DreamHost shared hosting, I'm setting up htpasswd, but Apache does not have permission to read the file. How do I give it permission? I want to either change the owner or group of the .htpasswd file instead of giving …

Read More