Protecting Redmine with additional HTTP 1.1 Basic authentication
Sometimes it might be required to protect a Redmine instance with additional HTTP 1.1 Basic authentication. This blog post is a tutorial how to do that...
This tutorial is for Apache based installations.
First of all, login or navigate using a file manager to your redmine user's directory, but outside of public or public_html folders. Meaning the file we are going to create should be set outside of directory visible from internet.
For example:
cd /home/redmine
Run following command, replacing rmuser with any username you wish and enter password after running this command.
Write down password and username to secure location!
redmine@host:~$htpasswd -c .htpasswd rmuser
New password:
Re-type new password:
Or, if you are using filemanager, you can just upload the .htpasswd file created on your local machine or using online service like this one: http://www.htaccesstools.com/htpasswd-generator/
Once you have done above step, proceed by creating .htaccess file in /public folder of your Redmine instance, for example with nano:
nano /home/redmine/public/.htaccess
and paste the following contents
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /home/redmine/.htpasswd
Require valid-user
Keep in mind that we are here using the Redmine installed under /home/redmine in your
case it might differ, and your Redmine might be under /opt/redmine if you installed via apt-get or on windows in C:\Redmine etc...
So you need to adjust paths to fit your system.
That's it, Redmine is protected!
