How would you password protect a file?

[Hyperblaze]

I've done pass protecting a directory in apache before....ie....

AuthUserFile /z/ric/secret/.htpasswd
AuthGroupFile /dev/null
AuthName "Ric's protected files"
AuthType Basic

<Limit GET>
require valid-user
</Limit>

But this time, I'd like to pass protect a file....(but not the directory), has anyone ever done this before?

If so, how would you go about it?

 

[sourceninja]

I usually use a php script. I put the file outside of the document root for your webserver (somewhere like /var/files and my webdocs are in /var/www). Then I use the php script to authenicate the proper user/pass combo (you could use any means, htaccess auth, mysql table, hash file, etc. Then if the user/pass is correct I send headers telling the browser a file is coming, and then fopen the file and echo it to the browser.

Or you could make a folder and stick the file in it, and password protect that file. There might be a way to do it in apache, but I do not have 100% trust in apache because multiple users have the ablity to edit the apache config at my work. So I find all my security is best done though php where I have control.