htaccess and htpasswd in Apache server
======================================

Public domain
********************************************************************************
### /etc/httpd/conf/httpd.conf

    <Directory "/var/www/html">
    .
    .
    AllowOverride All
    .
    .
    </Directory>

********************************************************************************
### /var/www/html/private/.htaccess

    AuthUserFile /var/www/html/private/.htpasswd
    AuthName "My Private DIR"
    AuthType Basic
    <Limit GET POST>
    require valid-user
    </Limit>

********************************************************************************
### Add user

Use -c for fist user

    # htpasswd -c /var/www/html/private/.htpasswd admin

    # chmod 644 /var/www/html/private/.htaccess
    # chmod 644 /var/www/html/private/.htpasswd

********************************************************************************
### Force files to download
On your command line:

    Install mod_headers
    sudo a2enmod headers
    service apache2 restart

and then in your htaccess file add following lines:

    <Files *.*>
            ForceType application/octet-stream
            Header set Content-Disposition attachment
    </Files>
    
********************************************************************************
### File access restriction
    <Files "TED.mp4">
    Order deny,allow
    Deny from all
    Allow from 78.38.35.253 198.23.143.251
    </Files>
********************************************************************************
### htaccess Troubleshooting

First, note that restarting httpd is not necessary for .htaccess files. .htaccess files are specifically for people who don't have root - ie, don't have access to the httpd server config file, and can't restart the server. As you're able to restart the server, you don't need .htaccess files and can use the main server config directly.

Secondly, if .htaccess files are being ignored, you need to check to see that AllowOverride is set correctly. See http://httpd.apache.org/docs/2.4/mod/core.html#allowoverride for details. You need to also ensure that it is set in the correct scope - ie, in the right block in your configuration. Be sure you're NOT editing the one in the block, for example.

Third, if you want to ensure that a .htaccess file is in fact being read, put garbage in it. An invalid line, such as "INVALID LINE HERE", in your .htaccess file, will result in a 500 Server Error when you point your browser at the directory containing that file. If it doesn't, then you don't have AllowOverride configured correctly.



    
Configure Apache mod_rewrite

    a2enmod rewrite

add the following code to /etc/apache2/sites-available/default

    AllowOverride All

Restart apache

    /etc/init.d/apache2 restart
********************************************************************************
_BY: Pejman Moghadam, Farid Ahmadian_  
_TAG: htaccess, htpasswd, apache_  
_DATE: 2015-04-25 00:21:22_