How can I use htaccess to password protect a directory?

Create a file named .htaccess in your web directory that contains the following: 

AuthUserFile /home/yourlogin/yourdirectory/.htpasswd 
AuthName Secure 
AuthType basic 
require valid-user 

Then in your home directory, type htpasswd -c /home/yourlogin/yourdirectory/.htpasswd newuser (change newuser to the username you want to add). You will be prompted to enter a password and verify it. 

This will enable you to secure the directory so that only your new user can enter this directory. 

To add additional id/password pairs to the file, leave off the -c, which means 'create a new file'. For example, htpasswd .htpasswd linus will allow a new user named �linus� to also access that directory. You may well want any of the user/password combinations you created in your .htpasswd file to allow access. 

To protect other directories, use the -c switch with the command to create a new .htpasswd file for that directory.

Note that you want to store the .htpasswd file in your home/root directory so it is hidden from others. The one drawback to putting your .htpasswd file in your home directory is that you will have to slightly lower the security of your home directory. Go to /home (cd /home/yourlogin) and type chmod +x yourlogin. The WWW server needs execute permission on to read the .htpasswd file.
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

How do I turn Directory Indexing off?

Add the following to .htaccess:Options -IndexesTurn it back on:Options +Indexes 

How can I setup dynamic/custom error pages?

If you have defined your own custom Error Pages using the "Define Error Pages" tool within the...

How do I do a rewrite instead of a 302 for missing pages?

Use something like this:RewriteEngine onRewriteCond %{REQUEST_FILENAME} !index.htmlRewriteRule /*...

How do I stop off-line browsers/ robot surfers?

Try the following in .htaccess:RewriteEngine OnRewriteCond %{HTTP_USER_AGENT} ^MozillaRewriteRule...

How do I prevent spam from email harvestering?

Use the following in .htaccess:RewriteEngine onRewriteCond %{HTTP_USER_AGENT} ^Bullseye.*...