In this exercise you will do some basic setup for HTTP. Install some basic packages which you need for work on apache.

[root@security1 ~]# yum -y install httpd elinks

After this turn off automatic index creation for default site. You should change /etc/http/conf/httpd.conf file and in options for default site remove Indexes. Create a new directory tree and some content for authorized users to access. Go to /var/www/html and make directory secrets and inside this directory, yet one directory mp3s. After this you should make index.html pages inside this directories. So, run next:

[root@security1 html]# echo "This is only authorized people can see." > secrets/index.html
[root@security1 html]# echo "This simulates retreiving an actual file." > secrets/mp3s/index.html

After this you should change directive for /var/www/html directory, so that can AllowOverride. Change /etc/http/conf/httpd.conf, so you have next inside it:

Directory "/var/www/html/secrets"
Options ExecCGI
AllowOverride AuthConfig

Restart service after this. If you try to access to you will see that you can see index.html without username and password. For this you should make .htaccess file. Make that file with next content in /var/www/html/secrets

AuthName "Access to secrets folder on SETENFORCE"
AuthType Basic
AuthUserFile /var/www/passwords
require valid-user

Also you should make and /var/www/passwords file. I will do this for user student.

[root@security1 secrets]# htpasswd -c /var/www/passwords student
If this file already exist don't use -c, because this will rewrite content of file. So if you want to add file use next:
[root@security1 secrets]# htpasswd /var/www/passwords mary

After this make sure that /var/www/passwords file have permissions 755. So you can test this now, try, you will be prompted for username and passwd.