Password protecting web directories in OpenBSD httpd

1. Create an auth directory and change owner to www:

   $ doas mkdir /var/www/auth
   $ doas chown www /var/www/auth
   

2. Generate a .htpasswd [0] file and change owner of file to www:

   $ doas htpasswd /var/www/auth/.htpasswd_foo username
   Password:
   Retype password:
   $ doas chown www /var/www/auth/.htpasswd_foo
   

3. Add a location [1] block to the bottom of a server section in /etc/httpd.conf:

   	location "/foo/*" {
   		authenticate with "/auth/.htpasswd_foo"
   	}
   

4. Restart the httpd daemon:

   $ doas rcctl restart httpd
   httpd(ok)
   httpd(ok)
   

[0] https://man.openbsd.org/OpenBSD-7.0/htpasswd.1
[1] https://man.openbsd.org/OpenBSD-7.0/httpd.conf.5#location

Send comments and suggestions to @antics@mastodon.nu