Introduction
  Publishing web pages
  RXML
  Information tags
  String tags
  Variable tags
  URL tags
  If tags
  Graphics tags
  Database tags
  LDAP
  Programming tags
  SSI tags
  Image maps
  Supports system
  Security
    .htaccess
    .htpasswd
    .htgroup
  Appendix
 
.htaccess

A .htaccess file consists of lines containing directives. Apart from the Limit; directive, all directives have the form

directive argument(s)
where argument(s) is one or more arguments. The directives supported are:
AuthUserFile
Use this user and password file to authenticate users. Typically, the AuthUserFile is called .htpasswd

AuthGroupFile
Use this group file, which contains a database of which groups users are member of. Typically, the AuthGroupFile is called .htgroup, if used.

AuthName
Set the authentication realm, which can be any name you choose. The name will be used to tell browsers how to label user authentications within a session, so that the browsers can automatically repeat passwords the user has already entered when accessing new pages with the same access requirements.

Redirect
Redirect all accesses for pages in the directory to this URL.

ErrorFile
Show this page in case the requested page could not be found, maybe because the user did not have permission to view it.
Then there is the <Limit> container tag. The attributes are the HTTP method(s) that access should be limited to, GET, PUT, POST or HEAD. The contents of the tag are access control directives, one directive on each line. Possible directives are:
allow from address
deny from address
Allow or deny access to users from a DNS domain or IP number. www.roxen.com means the computer while .roxen.com means all computers on the domain roxen.com. The same way 194.52.202.3 means the computer while 194.52. means the net starting with 194.52

require user user(s)
require group group(s)
Allow access only for the named user(s) or group(s).

require valid-user
Allow access to any user present in the AuthUserFile or Authentication module.

satisfy all
satisfy any
Decide what happens if both require and allow rules are present; all indicates that the user must satisfy both kinds of requirements, while any means that it is enough that the user satisfies either kind.

order deny,allow
order allow,deny
order mutual-failure
The order rules decides how to prioritize deny and allow rules. If the order is set to deny,allow, deny rules will be processed before allow rules. With allow,deny, allows will be processed before denies, and with mutual-failure, hosts allowed by any allow rule will be allowed, and other hosts denied. Deny,allow is the default.

The rule evaluation does not stop until all rules have been processed, so the earlier a rule is processed, the lower priority is has in determining access. This only matters when different rules contradict each other, for instance when a wide-ranging deny rule forbids access to a certain domain, and an allow grants access to a smaller part of the domain.

Example
A typical .htaccess file would look something like this:

   AuthUserFile /home/frotz/.htpasswd
   AuthGroupFile /home/frotz/.htgroup
   AuthName MyTestDomain
   AuthType Basic

   <Limit PUT HOST HEAD>
   require user frotz
   </Limit>

   <Limit GET>
   allow from all
   </Limit>

The .htaccess file above would allow everyone to GET documents in the directory, but all other kinds of access would be restricted to the user frotz, and expect this user to login with the password listed for frotz in the .htpasswd file in the home directory of the user frotz.