Restricting Access to The Website

You can restrict access to the entire website or to some of its directories. To open a directory of the website with restricted access, the visitor will need to go through an additional authorization in the browser.


Setting restrictions

To restrict access to the website:
    .1Enter Sites → menu → Access limits.
    .2Press Add.
    .3Select the directory of the website you want to restrict access to. You can specify it manually in the Path to directory field or select it in the file manager.
    .4Press Next.
    .5Enter your login information:
a. Username.
Note
This username will only be used for authorization in the website directory. It is not associated with ISPmanager user accounts.
b. Enter or generate a Password.
c. Re-enter the password in the Confirmation field.
    .6Press Finish.
To delete the restriction, enter Sites → menu → Access limits → select the restriction → Delete.
To edit the restriction settings, enter Sites → menu → Access limits. Access limits → select the restriction → Users. Possible actions:
  • Add a new user for the restriction;
  • Edit the settings for the user;
  • Delete the settings for the user;
  • Enable or disable user settings.

Work logic

After creating a restriction, ISPmanager:
    .1Saves username and password in encrypted form in the file /var/www//data/etc/access...passwd.
    .2Adds a section to the web server configuration file: Example of section for Apache
<Directory /var/www/www-root/data/www/example.com/tmp> Allow from all AuthName "Access limited by ISPmanager" AuthType Basic AuthUserFile /var/www/www-root/data/etc/access.example.com.GHCoKdm8.passwd Order allow,deny Require valid-user </Directory>
    .3Example of section for Nginx
location /tmp/ {
location ~ [^/]\.ph(p\d*|tml)$ {
try_files /does_not_exists @php;
}
auth_basic
"Access limited by ISPmanager"
;
auth_basic_user_file /var/www/www-root/data/etc/access.example.com.GHCoKdm8.passwd;
}