Quick Online Tips Get Chitika | Premium
Home     About     Popular     Photoblog     Themes     Advertise     Shop     Jobs     Contact

How to Password Protect Directory Using .htaccess

July 15th, 2009
ADVERTISEMENTS

Do you want to password protect a directory on your website? .htaccess is a powerful file which can easily password protect your files and folders in your web directories. I share this new skill I learnt while  implementing it on our site.

Lets suppose you want to protect the folder ’secretfolder’ located on this path on your server:  home/user/domain/secretfolder

Password Protect Directory with htaccess

Step 1 – Create .htpasswd file with your desired username and password in any text editor (like Notepad) and save without the .txt extension. It is a good idea to encrypt the password  for extra security. Here is a good htpasswd encryption tool to do just that – simply enter the username and password and it will generate the code for you, which you can copy and paste. For a user ‘abc’ and password ‘abc’, I got this (but it generates a new one everytime) -

abc:9476nIHW7Esgw

Step 2 – Create .htaccess file with the code below. It can be created using any text editor (like Notepad) and saved without the .txt extension. Remember to double check the location of the htpasswd file, or it will not work. You can change ‘Login Details’ to whatever you want displayed on the pop up alert.

AuthUserFile /home/user/domain/secretfolder/.htpasswd
AuthType Basic
AuthName "Login Details"
Require valid-user

Step 3 – Upload both these files in the same folder which you want to protect  (in this case ’secretfolder’). Now whenever anyone accesses that directory or any files in it, they will be asked for login details. You web directory is now secure.

NOTE – You might not be able to see these files on your server since they are hidden files. I use Filezilla FTP client and often use the “force showing hidden files” option to view these files. Also remember that these files can be created easily in Notepad but save without .txt extension (Save a type -  choose “All Files”, then you can save without any extension). If the Login window keeps popping up,  most probably your login details are wrong.

OPTION - Here are some simple scripts to protect webpages, but they are only the first line of security. However, they are easier to implement as they can be simply inserted in the webpage  HTML code.

WARNING: .htaccess is a very powerful file to mess with and if wrongly configured can make your site inaccessible. If you are not sure of what you are playing with, seek professional tech support from your hosting provider. Edit your .htaccess at your OWN RISK, we bear no responsibility for the same and cannot provide support.

RSS Subscribe RSS feed     Bookmark and Share



4 Responses to “How to Password Protect Directory Using .htaccess”

  1. Nirmal says:
    July 15, 2009 at 11:07 pm

    Nice article and also very useful. But shouldnt that warning be at the start of the article?

    Reply
  2. Michael says:
    July 16, 2009 at 10:55 pm

    Great tutorial, I will definitely use this code. Thanks!

    Reply
  3. Sarpras says:
    July 17, 2009 at 8:52 am

    Good article, i get very helpful information.

    Reply
  4. Azhar Ahamed - Indian Blogger says:
    July 24, 2009 at 5:36 pm

    Nice article, I will book mark this

    Reply

Leave a Reply

  • Subscribe free daily email newsletter Why?
  • RSS   Feed readers   Add to Google Reader or Homepage   Twitter
writeWrite a guest article - Showcase your site to our active community of bloggers, technology experts, and geeks. Now read 100+ guest articles
Jobs
Jobs on SEO | Blogging | SEM | Marketing | Software | More...
Jobs in Google | Yahoo | Microsoft | Adobe | Ebay | Cisco | Intel
Post a job - only $50 for 30 days! | 8 more reasons