From 22348a8caf8f738395ee01a6eda9ccd70841012e Mon Sep 17 00:00:00 2001
From: Tim Stallard <code@timstallard.me.uk>
Date: Tue, 29 Nov 2016 18:09:05 +0000
Subject: [PATCH] Added commands to change permissions on htpasswd file

---
 src/documents/blog/2016-11-03-keepass.html.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/documents/blog/2016-11-03-keepass.html.md b/src/documents/blog/2016-11-03-keepass.html.md
index d2b09f6..814b297 100644
--- a/src/documents/blog/2016-11-03-keepass.html.md
+++ b/src/documents/blog/2016-11-03-keepass.html.md
@@ -20,8 +20,10 @@ While KeePass includes encryption for our password storage, we also want another
 To start, you'll want to add a .htpasswd file for the credentials to be stored in - I put mine in /etc/apache2 using the following command:
 ``` bash
 sudo htpasswd -c /etc/apache2/.htpasswd username
+sudo chown www-data:www-data /etc/apache2/.htpasswd
+sudo chmod 600 /etc/apache2/.htpasswd
 ```
-This will prompt you to enter a password, and will save it to that file. You'll want to run this as root, to have write access.
+This will prompt you to enter a password, and will save it to that file. The permissions are also then changed to allow Apache to read the file, and to prevent other users from reading it.
 
 You can then add the following to your VirtualHost configuration, to enable the authentication:
 ``` apache