Where should I place the .htpasswd file (phpMyAdmin)?

I am following this tutorial setting up phpMyAdmin:

I edit the .htaccess file at /usr/share/phpmyadmin/.htaccess

But I need to point it to a .htpasswd file of my choice.

Can I put it in /usr/share/phpmyadmin so it's next to .htaccess? Or can I put it in /var/www ?

2 Answers

Well, in theory you should be ok with putting your .htpasswd file anywhere in the apache document root since apache default configuration for any file beginning with ".ht" should be this:

<FilesMatch "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>

However, I tend to avoid that, and usually put my .htpasswd files somwhere in the apache folder, for example:

/etc/apache2/htpass/.htpasswd

or

/etc/apache2/.htpasswd

I don't think there are any official best practices for this, correct me if I am wrong...

It is NOT a good idea to place your .htpasswd file in /var/www.

You can place the .htpasswd pretty much anywhere other than your web folder. I would place it in /etc/phpmyadmin.

4

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password Submit

Post as a guest

Post Your Answer Discard

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy