Buy One Domain Name, Get One Free

Looking for a reliable and affordable Domain Name Registrar? Look no further than Dotster. And for a limited time, we're able to offer our visitors a buy one domain name, get one free promotion. Click here to take advantage of this offer.

Get Your Own Toll Free 800 Number

It's easy to setup your own toll free number for as little as $2/ month. Try Kall8 today and get your 800 number. Features include call forwarding, voice mail and fax, caller ID, email notifications, VoIP, and more.



Aug 03 2007

How to Password Protect a Page in Drupal


Filed under: Content Management Systems » Drupal,
Tools:


Struggling to obtain password protection for a single page?

The normaly .htaccess routine that would allow you to setup password protection for a page:

AuthUserFile "/path-to-password-file/"
AuthName "Restricted Access"
AuthType Basic
<Files file-name>
Require valid-user
</Files>

Doesn't work because of Drupal's rewrite rules.  Here's how to overcome the issue.

Creating the 401.shtml page

Add a page named "401.shtml" in your root.  Typically you'll want the page to be in html format (ie. with html and body tags at a minimum), and add a message such as "Access Denied," as this page will get loaded if the user cancels out the password dialog box, or if they fail to enter valid login information.  Typically, a 401 page contains the following:

Authorization Required

This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.

Once you have created the above page you can add the above .htaccess routine to your .htaccess file.  The only remaining step is adding a user:password combination (the password is an Apache modified MD5 encryption, or generated using the system's crypt() command) to your .htpasswd file and storing this file above your document root.

Average: 3.2 (6 votes)
Tools:



Finally. Thank You!

I would have never guess that it needed a 401.shtml file in the web root directory to allow run-of-the-mill .htaccess/.htpasswd protected directories to work. WOW.

Thanks again,

Ander

Thanks

Thanks for providing the solution, I was searching for that.

Browser credentials

This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.

what is the Require

what is the

Require valid-user

directive? I don't recognise that. Could you give an example of how this would work to protect a page such as

/articles/april

where april is the page, using friendly URLs in Drupal 5.7.

Thanks

  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <p> <br> <br />
  • Lines and paragraphs break automatically.
  • Textual smileys will be replaced with graphical ones.

More information about formatting options

CAPTCHA
This question is used to make sure you are a human visitor and to prevent spam submissions.