Heya, Thanks for visiting!
edited

Basic <Directory> tag explanation

Here is a sample script allowing all users:

<Directory "/var/www/static/">
    Options -Indexes
    Order deny,allow
    Allow from all
    AllowOverride All
    Require all granted
</Directory>
  • Options -Indexes: Removes the ability to view all files in directory if index html or php are not present
  • Order deny,allow: Applies the deny operations before the allow operations
  • AllowOverride All: Allows .htaccess to override settings in httpd.conf, etc
  • Require all granted: some mod_authz_core thing. Not completely sure.

Create password protected Directory or Location:

# PW protect URL
<Location "/secret-stuff">
    AuthType Basic
    AuthName "Private Directory"
    AuthUserFile /etc/httpd/.htpasswd
    Require valid-user
</Location>

# PW protect directory
<Directory "/path/to/directory">
    # ... Look above
</Directory>
  • AuthType Basic: Set the Basic authentication method
  • AuthName "Private Directory": Provide a name for the location. This shows up on the login modal/popup (optional)
  • AuthUserFile /etc/httpd/.htpasswd: Specify the pathname to the file that contains usernames and passwords. The usual filename to use is .htpasswd
  • Require valid-user: Specify that only users that exist in the file are allowed access

via this documentation

Create .htpasswd file:

  1. Run htpasswd /etc/httpd/.htpasswd newuser
  2. Type the password and re-type

Change password of existing user

  1. Run htpasswd -p /etc/httpd/.htpasswd newuser
  2. Type your new password and re-type

via this documentation

Find Apache User or Group:

This is the user with permissions on your machine that apache uses to carry out its functions. If you are getting permission denied in the error.log you probably need to add this group to the directory/file.
For Ubuntu the default user and group is www-data
You can find it in /etc/apache2/apache2.conf which will look like:

User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}

${APACHE_RUN_USER} is a reference to environment variables set in /etc/apache2/envvars so just go look in there for APACHE_RUN_USER

via Lars Noodén on this thread

Basic Apache commands:

Command Description
sudo /etc/init.d/apache2 reload Restart the apache server