Microsoft Corporation
Updated April 15, 1999
On UNIX Web servers, access to a Web server's content, CGI scripts, and configuration files is controlled by entries in one or more access files. An access file contains security-related directives controlling which users and groups can access the content on a server. Optionally, an access file can also contain domain-level directives that specify which Internet addresses can access content.
A global access file, named access.conf on most UNIX servers, contains global access settings for the Web server. Per-directory access files can be placed in directories on the Web server to implement per-directory access control. A directory-level access file controls access to the content in the directory that contains the access file; it also controls access to content in all subdirectories below that directory, except those subdirectories that contain their own access files. When you create access files throughout a Web server's content, different sets of users, with varying levels of permissions, can be given access to different areas of the server. Note that access control on individual files is not supported. However, by placing a file by itself in a directory, you can apply unique access control settings to it.
An access file points to a password file named .htpasswd by default. This file, which is in HTML format, contains a list of users who have access to content, along with passwords for each user. This list is separate from the list of users and passwords who have access to the server machine's file system.
A group file defines groups of users who can be authenticated as a whole rather than individually. Group files, named .htgroup by default, are in HTML format. All users in a group file must be listed in the password file for the same directory (or in the global password file, if it is pointed to from access.conf). Microsoft® FrontPage® creates entries in group files when you create groups using the Permissions command in FrontPage.