Web|Loyola University Chicago

Web

searchform
This siteLUC.edu

Restrict Access

Restrict by Password:

There are two ways to restrict access of web pages: by password or by IP address. Note: These features are not available for Loyola personal pages. Regardless of which method you choose, access restrictions are done at the directory level and cannot be set for individual files. All subdirectories carry the same restrictions as their parent directory.




   

Restrict by Password:

The .htaccess File

The ".htaccess" file is placed in the directory containing the web pages you wish to restrict. The beginning dot ("."), denotes it as a hidden file that can only be viewed by typing the command "ls -la".

Create the .htaccess File

Log into Orion using the PuTTY application.  This can be found under Loyola Software => Internet Tools. The configuration settings are:

  • Host Name: orion.it.luc.edu
  • Port 22
  • Choose the SSH Button
  • Click Open
  • Enter your Orion ID
  • Click Enter
  • Enter your Orion password
  1. In the Orion directory containing the files you want to restrict, enter the following command: jpico .htaccess
  2. Enter the following information:
    AuthUserFile /doc/path/file name
    AuthGroupFile /dev/null
    AuthName ByPassword
    AuthType Basic


    require user user-ID

    file-name is the name of your password file, and user-ID is the ID of the user who may access the web pages.

    An example using "Loyola" as the path; ".htpasswd" as the file name and "jsmith" as the ID:

    AuthUserFile /doc/loyola/.htpasswd
    AuthGroupFile /dev/null
    AuthName ByPassword
    AuthType Basic


    require user jsmith

    It is recommended that you always use lower-case characters.

  3. Save the file:
    Press Ctrl+o, then Enter.
    Press Ctrl+x to exit.
  4. Set permissions for the file:
    Type chmod o+r .htaccess and press Enter.

Create the Password File

Create a password file using the htpasswd following command:

  1. Enter the command: htpasswd2 -c .htpasswd user-ID

    where user-ID is the ID for the user trying to access your page.

    Example: htpasswd2 -c .htpasswd jsmith

  2. The htpasswd program will prompt you to enter a password for the specified user.
    It is recommended that you do not use actual Orion passwords.
  3. Save the file:
    Press Ctrl+o, then Enter.
    Press Ctrl+x to exit.
  4. Set permissions for the file:
    Type chmod o+r .htpasswd and press Enter.

   

Restrict by IP Address

You may restrict access to your pages by IP address. Because individual IP addresses may change, it is suggested that you limit access to an entire domain, rather than a particular user.

Log into Orion using the PuTTY application.  This can be found under Loyola Software => Internet Tools. The configuration settings are:

  • Host Name: orion.it.luc.edu
  • Port 22
  • Choose the SSH Button
  • Click Open
  • Enter your Orion ID
  • Click Enter
  • Enter your Orion password

Create an .htaccess file in the Orion directory where you want to restrict access by entering the following command:
pico .htaccess.

To restrict access to only those users on Loyola's system, enter the following information:

RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-For} !^147\.126\.*
RewriteCond %{HTTP:X-Forwarded-For} !^10\.*
RewriteCond %{HTTP:X-Forwarded-For} !^77\.43\.8\.153$
RewriteCond %{HTTP:X-Forwarded-For} !^77\.43\.8\.154$
RewriteCond %{HTTP:X-Forwarded-For} !^77\.43\.8\.155$
RewriteCond %{HTTP:X-Forwarded-For} !^77\.43\.8\.156$
RewriteCond %{HTTP:X-Forwarded-For} !^77\.43\.8\.157$
RewriteCond %{HTTP:X-Forwarded-For} !^77\.43\.8\.158$
RewriteRule .* - [F]
order allow,deny
deny from 147.126.46
allow from 147.126
allow from 10
allow from all

  1. Save the file:
    Press Ctrl+o, then Enter.
    Press Ctrl+x to exit.
  2. Set permissions for the file:
    Type chmod o+r .htaccess and press Enter.

More information is available at NCSA's User Authentication Tutorial.

Test Page

 

Edit this page