Search This Blog

Saturday, July 14, 2012

HTTP Authentication for Django VirtualHost

If you want to protect a virtualhost with Django, you can use http basic authentication. The question is how  to protect your test site but not the production site (assuming they are both on the same server). Here is how to do it:

First generate your htppasswd file:
#htpasswd -c htpasswd user_name
assume we put the file in

Second, assume the site you want to protect is called on port 80
Put the following for your http configuration. In Ubuntu, it will be a file in your /etc/apach2/sites-enable/ directory

       setEnvIfNoCase HOST ^test\.mysite\.com\.?(:80)?$ PROTECTED_HOST
       #put this in your location directive
            AuthUserFile /home/myusername/htpasswd
            AuthType Basic
            AuthName "this site is password protected :)"

            Order Deny,Allow
            Satisfy any
            Deny from all
            Require valid-user
            Allow from env=!PROTECTED_HOST
This configuration, will pop up password for on port 80. 

No comments: