Text size
Smallest Text Small Text Medium Text Large Text

Access Control: Restricted Web Pages


You may control access to your web area on the CSULB server in several ways. By default, all pages are open to anyone. If you wish to restrict access to some (or all) of your pages, you may do so with an access control file. This file, named ".htaccess", should be placed in the directory where the protected pages reside. Thus if you place it in your base "htdocs" directory, you'll establish access control over your entire website.

However, most people prefer to place restricted files down in a subdirectory, so that their main pages remain open to the world. In either case, the ".htaccess" file specifies access controls to be used for all files in the directory where it appears and any subdirectories below that one (unless they override it with their own ".htaccess" files).


You proceed by creating a plain ascii text file (not a formatted Word document) and put it in the appropriate directory with the name ".htaccess" (note the leading period on the name). Most often you'd build the file on your PC and ftp it (use ftp software such as "WS_FTP" on your PC or "Fetch" on your MacIntosh) up to the directory. Three typical choices are illustrated with examples: CAUTION -- Do not type any extraneous characters (including spaces) in front of or behind any line in these example files.


Access on all Campus Computers

To restrict access only to computers on campus (including the campus dial-in lines), use this .htaccess file:

AuthType Basic
AuthName CSULBsystems
<Limit GET POST PUT DELETE>
order deny,allow
deny from all
allow from 134.139
</Limit>

Note that if you use an AuthName of more than one word it will need to be surround by quotation marks.


Access to Users with Campus Accounts

To require an account and password valid on the CSULB network (including our extranet), use this .htaccess file:

AuthType Basic
AuthName CSULBusers
AuthDBUserFile /home/suitespot/valid/users
<Limit GET POST PUT DELETE>
require valid-user
</Limit>

Note that you may choose ".../valid/oncampus" if you wish to omit extranet users, or ".../valid/employees" to restrict the page to CSULB employees only.


Access to Those with Specific Account and Password

To require a specific account and password (chosen by you, and given only to
those you wish to let in), use this .htaccess file as a template:

AuthType Basic
AuthName Restricted
AuthUserFile /home/az/jdoe/authfile
<Limit GET POST PUT DELETE>
require valid-user
</Limit>

In this case, you'll need to substitute the path to your own home directory (instead of /home/az/jdoe). You may either keep the file name "authfile" or choose another. You'll also need to create a file under that name in your home directory to specify the desired account and password to be used for access. Actually, you may include several lines of accounts and passwords if you're willing to bother keeping track of them.

A typical "authfile" might look like:

comein:kisDCqnu4f3so

Since the password must be encrypted in order to be put in the file, you'll
need to carry out the encryption by filling out this form:

http://www.csulb.edu/cgi-bin/encrypt

Of course you may use more complex .htaccess files if you're familiar with the format and need something that reaches beyond the examples presented here.