Our Apache web server allows any user to protect his www files and 
directories by a password mechanism. He can do this without any help 
from system or www administrators. 

I will describe the simplest mechanism that I used to protect my 
address file so that it is available to me through any web browser;
but not to anyone else. 

1) create a file that stores your user id and password
   (this file should not be available on the web, but has to be available 
        to the web browser. I chose a directory in my home directory, 
        which works since we mount our home directories on our web 
        server, Pele)

        Pele> mkdir ~/.httpd
        Pele> htpasswd -c /homes/sep/matt/.httpd/users matt
        Adding password for matt.
        New password:
        Re-type new password:
        Pele> more /homes/sep/matt/.httpd/users
        matt:1T8GNGd.IMiqs

2) create an .htaccess file in the directory that you want to protect. 

        Kana> more /sepwww/pub/sep/matt/lukas/.htaccess
        AuthName "Matt's private files"
        AuthType Basic
        AuthUserFile /homes/sep/matt/.httpd/users
        
        require valid-user

   This file is read by the Apache web server when anyone attempts to 
        access the directory (/sepwww/pub/sep/matt/lukas).
   The file specifies that only "valid users" listed in the file 
        /homes/sep/matt/.httpd/users are welcome. To validate that 
        you are listed, you will have to enter an appropiate user id 
        and password/

That's it! Go try http://sepwww.stanford.edu/sep/matt/lukas 
My current user ID is "matt" and my current password is "matt". 
That will change soon though. 

Why do I care? The world is my oister: and I want to make 
my home directory available on the www. But certain files will be 
restricted to select people.