Access Control Using .htaccess
An .htaccess file allows for per-directory Web access control to content, including all sub-directories contained within the directory. On Web Central, the following options are available for access control using an .htaccess file:
- Restricting Access on Web Central using UT EID and the Transitional Fat Cookie
- Restricting Access by Domain Name
- Restricting Access by IP Address
- Restricting Access by Username and Password
All EID-protected directories must be accessed using the HTTPS protocol.
You must include a logoff option on your EID-protected pages:
- Link Label: Logoff
- Link URL: https://login.utexas.edu/login/UI/Logout
Any directories that you want to protect must be world-executable and any files you create must be world-readable. To set the proper permissions, log on to uts.cc.utexas.edu and go to your protected directory. To make the directory world-executable, enter the command
chmod 751 .
To make a file world-readable, enter the command
chmod 644 the-filename
Limits of Protection
Password protection of website directories does not give you complete protection; it only stops unauthorized users from viewing your files via a Web browser.
Your files remain world readable in their uts.cc.utexas.edu directory. This means that anyone who can log in to UTS will be able to go to your directory and read your HTML source files, provided they know where the files are.
Last updated May 30, 2014 @ 10:24 am