Restricting access to the website
You can restrict access to the entire website or to some of its directories. To open a directory of the website with restricted access, the visitor will need to go through an additional authorization in the browser.
Setting restrictions
To restrict access to the website:
- Enter Sites → menu → Access limits.
- Press Add.
- Select the directory of the website you want to restrict access to. You can specify it manually in the Path to directory field or select it in the file manager.
- Press Next.
- Enter your login information:
- Username. NoteThis username will only be used for authorization in the website directory. It is not associated with ISPmanager user accounts.
- Enter or generate a Password.
- Re-enter the password in the Confirmation field.
- Username.
- Press Finish.
To delete the restriction, ente Sites → menu → Access limits → select the restriction → Delete.
To edit the restriction settings, enter Sites → menu → Access limits. Access limits → select the restriction → Users. Possible actions:
- Add a new user for the restriction;
- Edit the settings for the user;
- Delete the settings for the user;
- Enable or disable user settings.
Work logic
After creating a restriction, ISPmanager:
- Saves username and password in encrypted form in the file /var/www//data/etc/access...passwd.
- Adds a section to the web server configuration file:
Example of section for Apache
<Directory /var/www/www-root/data/www/example.com/tmp> Allow from all AuthName "Access limited by ISPmanager" AuthType Basic AuthUserFile /var/www/www-root/data/etc/access.example.com.GHCoKdm8.passwd Order allow,deny Require valid-user </Directory>
Example of section for Nginx
location /tmp/ { location ~ [^/]\.ph(p\d*|tml)$ { try_files /does_not_exists @php; } auth_basic "Access limited by ISPmanager"; auth_basic_user_file /var/www/www-root/data/etc/access.example.com.GHCoKdm8.passwd; }