Securing your personal Web Space

You can optionally secure your personal webspace with a special file named .htaccess in the directory you wish to secure.

IPPP SSO

You can now secure your personal webspace and require a user to login using the IPPP SSO, which would force people to use their OTP if accessing from externally using the following:

AuthType openid-connect
Require valid-user

All Users with accounts

For example to secure the directory test in ~user/test you’d do the following:

user@hostname:~$ cat << EOF > www/test/.htaccess
AuthType openid-connect
Require valid-user
EOF

Groups

You can optionally require specific top-level groups such as all ipppusers:

user@hostname:~$ cat << EOF > www/test/.htaccess
AuthType openid-connect
Require clain group:/ipppusers
EOF

Group List Examples

Top Level groups:

• ipppusers (All IPPP users and some visitors)
• external-users (All Visitors)
• fielding-users (All Fielding Users)
• cfai-users (All CfAI Users)

IPPP Website Users:

• website-ippp (All IPPP visible on the website)
• website-academic (IPPP Academic Staff visible on the website)
• website-emerti (IPPP Emeritus Staff visible on the website)
• website-research (IPPP Researchers/Postdocs visible on the website)
• website-postgrads (IPPP Postgrads visible on the website)
• website-staff (IPPP Staff visible on the website)

Custom List

You can also make a custom list by using a htpasswd list. You will need to create a .htaccess similar to the following:

AuthName "Access Required"
AuthType Basic
AuthUserFile /mt/home/username/www/.htpasswd
Require valid-user

And then you will need to provide a list of usernames and a password similar to the following and save it in the location you provided in the AuthUserFile in the htaccess (we stringly suggest naming the file .htpasswd as this is hidden by the web server.

user1:$apr1$k2mjb8gp$wMm/vsb2.B5kjHRxEnmOj1
user2:$apr1$wazxibjp$lsxt483r60O6W30u8YVmj.

You can generate a htpasswd list online at https://passwords-generator.org/htpasswd