Fighting Absurdity With Absurdity:
THIS SITE AND ALL CONTENT THEREIN IS ENTIRELY PERSONAL IN NATURE; THEREFORE THE OPINIONS, COMMENTS, BELIEFS, ET CETERA THEREIN MAY NOT BE CONSTRUED AS BEING THAT OR ENDORSED BY ANY EMPLOYER OF MINE, PAST, PRESENT OR FUTURE, THOR, MARS, THE FLYING SPAGHETTI MONSTER, OR THAT BUM WHO JUST BILKED YOU OUT OF A CIGARETTE. BY THE WAY, THAT DUDE MAKES MORE PANHANDLING THAN YOU DO AT YOUR OFFICE JOB.
I wish lighttpd was as well supported as Apache.
lighttpd/htaccess Protection
First, make sure mod_auth is enabled in lighttpd.conf, in the big giant list o’ modules near the top of the config.
Then:
auth.backend = "plain"
auth.backend.plain.userfile = "/path/to/your/htpasswd_file"
auth.require = ( "/" =>
(
"method" => "basic",
"realm" => "Password protected area",
"require" => "valid-user"
)
)
The htpasswd_file should be located outside of a docroot (you don’t really want people downloading it, now, do you?) and is, for all intents and purposes, a conventional htpasswd file. That is, you can use the htpasswd utility to generate it, or if you’re lazy, one of the many web-based utilities out there. (Google for .htpasswd generator)
The auth.require line – or rather, the first part, is what’s being protected. / should cover the whole docroot; if you wanted to protect a subdirectory, you’d just use “/mysubdirectory/” for example.
Note: Still working out comments/etc. theming. Please ignore the ugliness.