Apress - Smart Home Automation with Linux (2010) - P38: Linux users can now control their homes remotely! Are you a Linux user who has ever wanted to turn on the lights in your house, or open and close the curtains, while away on holiday? Want to be able to play the same music in every room, controlled from your laptop or mobile phone? Do you want to do these things without an expensive off-the-shelf kit

CHAPTER 5: COMMUNICATION

Secure Server

With the Web being a naturally open protocol, and the home machine being a traditionally secure environment, providing a way for secure access to your home and its data is a must. You can provide this with basic authorization, which places specific files, called .htaccess, in each directory. These are read by the web server to govern access, an approach that does the following:

- Makes it easy to add and change user access rights
- Can be changed on a per-directory basis, without needing to be root
- Requires no rebooting between changes

One downside of this method, compared with changing the configuration files directly, is that these files are read on every access, making the service slower. In the case of a private web server, this is unlikely to be noticeable, however. More important, the username and password are sent across the wire in plain text when connecting, despite being present in an encrypted form on disk. Furthermore, they are stored, and are accessible, as plain text from any script running from inside this area. Consequently, it is recommended only for web servers that are inaccessible from outside your home network.

To enable basic authentication, you need two things: a password file and an access file. The password file is traditionally called .htpasswd and exists on the filesystem in a location that is accessible to Apache (that is, the www-data user) but not to the files that Apache serves (that is, not those underneath /var/www).
You create the file, and your first user, like this:

    htpasswd -c /etc/apache2/.htpasswd steev

You are then prompted for a password that is encrypted and added to the file. This password is for accessing the web site only. It need not match the password for the user, if they share a name, and in fact you can allow users to access the web site who don't have a Linux account at all.

You must then indicate which directories are to be protected by including an .htaccess file, as shown here, inside them:

    AuthType Basic
    AuthUserFile /etc/apache2/.htpasswd
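The placement and plain-text caveats above can be checked mechanically. The following audit of an .htaccess file's text is an added example, not code from the book; the function name, finding codes and sample files are hypothetical, and it assumes TLS would be enforced in the same file with mod_ssl's SSLRequireSSL directive rather than elsewhere in the server configuration.

```python
import posixpath
import shlex

def _under(path, root):
    """True if normalized absolute `path` is `root` or lies beneath it."""
    path, root = posixpath.normpath(path), posixpath.normpath(root)
    return path == root or path.startswith(root.rstrip("/") + "/")

def audit_htaccess(text, docroot="/var/www"):
    """Return sorted finding codes for the text of one .htaccess file."""
    seen = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        name, *args = shlex.split(line)    # handles quoted AuthName values
        seen.setdefault(name.lower(), []).append(args)

    auth_types = [a[0].lower() for a in seen.get("authtype", []) if a]
    if "basic" not in auth_types:
        return []                          # no Basic auth here to audit
    findings = set()
    files = [a[0] for a in seen.get("authuserfile", []) if a]
    if not files:
        findings.add("no-authuserfile")
    for f in files:
        # A password file inside the served tree risks being served.
        if f.startswith("/") and _under(f, docroot):
            findings.add("password-file-in-docroot")
    if "authname" not in seen:
        findings.add("no-authname")        # Basic needs a realm name
    if "require" not in seen:
        findings.add("no-require")         # no Require = nothing enforced
    if "sslrequiressl" not in seen:
        # Basic sends the password only base64-encoded on every request.
        findings.add("basic-without-tls")
    return sorted(findings)

# Constructed sample inputs (not from the book).
WEAK = """AuthType Basic
AuthUserFile /var/www/private/.htpasswd
"""
GOOD = """AuthType Basic
AuthName "Home control"
AuthUserFile /etc/apache2/.htpasswd
Require valid-user
SSLRequireSSL
"""

if __name__ == "__main__":
    print(audit_htaccess(WEAK))
    print(audit_htaccess(GOOD))
```

Relative AuthUserFile paths are not judged, because Apache resolves them against ServerRoot, which this check does not know.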