Setting up a testing environment isn't difficult. Even though they are only used for testing purposes, these websites should be protected with username/password-authentication. This is a simple procedure.
- Add following code to your vhost:
AuthName "Authenticatie vereist"
- Create the .htpasswd file
Navigate to your DocumentRoot and run the command htpasswd -m -c .htpasswd username. You'll have to enter a password twice. Verify that the .htpasswd is at the correct location, specified in the vhost. Also ensure apache can read the .htpasswd file.
Attention: the -m operator is important. This will force the usage of the md5() algorithm. The default algorithm, crypt(), is less secure because it will only use the first 8 characters of your password.
- Reload Apache
Run the command apache2ctl graceful (with root permissions). Before the connections are closed, active request will be completed.
Now, navigate to your website and you will be prompted your username and password!