Create .htaccess File-Computing Services - Carnegie Mellon University

Create .htaccess File

Anyone who has administrative rights to web pages (Apache server only) will be able to control access to their pages using .htaccess files and Carnegie Mellon groups.  An .htaccess file is plain text and a should look like this:

AuthType webiso

require cmuGroup groupName

  • Require is an Apache standard. 
  • The cmuGroup argument is specific to this project.  It separates its directives from other projects which may use the require directive.
  • groupName is a Carnegie Mellon group name.

For example, the require line would look something like this: cmuGroup cmu:Staff:cached

When the require directive is added to the .htaccess file, the Apache server will only display files in that directory and its subdirectories to people listed as a member of the given Carnegie Mellon group.

IMPORTANT: When using Carnegie Mellon groups only reference groups which you own or are owned by a central authority such as Computing Services. 

Web site administrators may add multiple require cmuGroup lines to the .htaccess file. Users accessing the site must be in at least one of the Carnegie Mellon groups.  When a positive match is found, the user is authorized. The user does not need to be in ALL of the groups.

Note: Carnegie Mellon groups may contain other groups as members. These nested groups will be expanded recursively when authorization checks are made.

For more information on Carnegie Mellon groups, see the What is a Carnegie Mellon Group? and Using Carnegie Mellon Groups documents.

Example Groups

There are several Carnegie Mellon groups that already exist and are maintained by Computing Services.  Feel free to use these groups in your .htaccess files.  These groups are based on official university data.

Group Name
Purpose of Group 
All Carnegie Mellon faculty members
All Carnegie Mellon staff (full-time, part-time)
cmu:Student:cached All Carnegie Mellon students (full-time, part-time, recently graduated, excludes Alumni)
A combination of the faculty, staff and student groups (above). This group is useful for including people directly affiliated with the university, while excluding guest and sponsored accounts.

Last Updated: 3/12/12