RHEL7: Configure Apache group-managed content.

Share this link

Note: This is an RHCE 7 exam objective.


First, follow the instructions to install an Apache web server.

Note: Don’t forget to install the httpd-manual package. This could help you a lot with any syntax issue.

Main Configuration

To allow only a group of users (here nikos and steve from the team) to access a specific directory (here private), edit the /etc/httpd/conf/httpd.conf file and paste the following lines at the end:

<Directory "/var/www/html/private">
AuthType Basic
AuthName "Password protected area"
AuthGroupFile /etc/httpd/conf/team
AuthUserFile /etc/httpd/conf/passwd
Require group team

Check the configuration file:

# apachectl configtest
Syntax OK

Create the /var/www/html/private directory and assign the correct SELinux context:

# mkdir -p /var/www/html/private
# restorecon -R /var/www/html/private

Create the /etc/httpd/conf/team file and paste the following line:

team: nikos steve

Create the /etc/httpd/conf/passwd file, add the nikos and steve accounts with their own passwords:

# htpasswd -c /etc/httpd/conf/passwd nikos
New password: nikos
Re-type new password: nikos
Adding password for user nikos
# htpasswd /etc/httpd/conf/passwd steve
New password: steve
Re-type new password: steve
Adding password for user steve

Restart the httpd service:

# systemctl restart httpd

Configuration Check

To check the configuration, type:

# yum install -y elinks
# elinks http://localhost/private/
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

Leave a Reply

Please Login to comment
1 Comment threads
10 Thread replies
Most reacted comment
Hottest comment thread
3 Comment authors
LisenetCertDepotchamambom Recent comment authors
newest oldest
Notify of

@certdepot, thanks for such an awesome blog for Redhat preparation. I will be taking my exam soon and have one grey area with regard to these 2 objectives : – configure access restrictions on directories – configure group-managed content Correct me if I am wrong but this is how I am understanding them: Configure group-managed content——this one seems to be similar to setting up group authing using this config below just like how you explained it AuthGroupFile /etc/httpd/conf/team It also overlaps with this objective Configure access restrictions on directories on the group managed content, I have seen others doing the… Read more »


Configure group-managed content – this is chmod 2770 (content that is managed by a group).

Configure access restrictions on directories – this is AuthGroupFile /etc/httpd/conf/team.


@Lisenet, the reason why I am saying that is because htpasswd users don’t exist in the file system and the group also doesn’t exist in the filesystem [and by filesystem I mean via useradd command] … so what group would you create the users for since the auth userfile and the authgroup file have users and groups that don’t exist in /etc/passwd or group?


It’s very simple, therefore I’m a bit puzzled on what you don’t understand with these objectives. Group managed content is for web developers to upload files to a webserver. We do that in production all the time, configure chmod 2770 so that devs can push changes to webroots.

Access restrictions on directories are purely for web users to require login to be able to see content. These users don’t need nor don’t have to have Linux accounts. An example would be a WordPress login page which you want to configure restrictions on.


I understand them perfectly, only they seem intertwined…and as you can see @lisenet , on this post it only validates what I have been saying and while what you are saying is true ….I guess I’ll have to take the RHCE and try to read between the lines on that kind of question.


This post has a misleading headline – it covers access restrictions on directories, but the title says “Configure Apache group-managed content”. This is not correct.

By adding Apache users to the group file (AuthGroupFile) does not grant any management permissions for content, it only allows access on directories.

There is no reading between the lines, the fact that the post has an incorrect headline doesn’t validate your statement 🙂

CertDepot, can you fix the headline please?


I think that changing the title of the tutorial is sufficient.


@Lisenet ,yes group managed content is how you are explaining it ,but i guess a lot of people like me are confusing it with the apache group restricted access.I am just glad that the exams are usually explicit about what they want you to do ….. so yes ,the way you explain it is the same way that works for samba ,nfs collaborative shares .

Upcoming Events (Local Time)

There are no events.

RHCSA7: Task of the day

Allowed time: 8 minutes.
Find all files bigger than 100MB and write their names into the /root/results.txt file.

RHCE7: Task of the day

Allowed time: 10 minutes.
Set up a default secure MariaDB database called maria and create a table named people with two columns respectively name varchar(20) and age int(10) unsigned.

Follow me on Twitter

Poll for favorite RHEL 7 book

What is your favorite RHEL 7 book to prepare RHCSA & RHCE exams?

View Results

Loading ... Loading ...

Poll for most difficult RHCSA 7 topic

What do you think is the most difficult RHCSA 7 topic?

View Results

Loading ... Loading ...

Poll for most difficult RHCE 7 topic

What do you think is the most difficult RHCE 7 topic?

View Results

Loading ... Loading ...