Depending on your servers abilities you can choose between two types of authentication:
- Make sure to use a strong password, no matter which solution you choose!
- Enable HTTPS on your server to ensure your connection is encrypted and secure!
.htaccess files are commonly used to restrict access to files on a web server. One of the features of .htaccess files is the ability to password protect specific (or all) directories. If setup correctly, a password is required to access the files.
The usage of .htaccess files requires three basic steps:
This process depends on the server you are using. Some providers may require you to change some settings, or place/change some file. Here are some helpful links for your server (please add your own if missing :sparkling_heart:)
Create a .htpasswd file
.htpasswd file contains the user name and password used for login to your web server. Please notice that the password is stored in encrypted form, which requires you to encrypt your password before creating the
Here are three ways of creating your own
1) Example file
.htpasswd file (user name: “test”, password: “test”):
Just copy and paste the contents to your
2) Online generator (read warning!)
You can create your own
.htpasswd file online using a
.htpasswd generator like this: https://www.htaccesstools.com/htpasswd-generator/
- Never insert real passwords to an online generator!
3) Generate your own password
Another way to create your own
.htpasswd file is to run this script on your server (it’ll output the data for you, you just have to paste it int a
<?php // Password to be encrypted for a .htpasswd file $clearTextPassword = 'some password'; // Encrypt password $password = crypt($clearTextPassword, base64_encode($clearTextPassword)); // Print encrypted password echo $password; ?>
Create a .htaccess file
.htaccess file is used to specify which directories are password protected. For that purpose you should place the file in whatever directory you want to restrict access. If you want to restrict access to RSS-Bridge in general, you should place the file in the root directory (where
index.php is located).
Two parameters must be specified in the
AuthName specifies the name of the authentication (i.e. “RSS-Bridge”).
AuthUserFile defines the absolute path to a
Here are two ways of creating your own
1) Example file
AuthType Basic AuthName "My Protected Area" AuthUserFile /path/to/.htpasswd Require valid-user
Notice: You must change the
AuthUserFile location to fit your own server (i.e.
2) Online generator
You can use an online generator to create the file for you and copy-paste it to your
.htaccess file: https://www.htaccesstools.com/htaccess-authentication/
RSS-Bridge ships with an authentication module designed for single user environments. You can enable authentication and specify the username & password in the configuration file.
Please notice that the password is stored in plain text and thus is readable to anyone who can access the file. Make sure to restrict access to the file, so that it cannot be read remotely!