{"id":8775,"date":"2009-07-15T22:44:20","date_gmt":"2009-07-15T17:14:20","guid":{"rendered":"https:\/\/www.quickonlinetips.com\/archives\/?p=8775"},"modified":"2020-05-24T10:21:59","modified_gmt":"2020-05-24T04:51:59","slug":"password-protect-directory-with-htaccess","status":"publish","type":"post","link":"https:\/\/www.quickonlinetips.com\/archives\/2009\/07\/password-protect-directory-with-htaccess\/","title":{"rendered":"How to Password Protect Directory Using .htaccess"},"content":{"rendered":"<p>Do you want to <strong>password protect a directory<\/strong> on your website?<strong> .htaccess<\/strong> is a powerful file which can easily password protect your files and folders in your web directories. I share this new skill I learnt while\u00a0 implementing it on our site.<\/p>\n<p>Lets suppose you want to protect the folder &#8216;secretfolder&#8217; located on this path on your server:\u00a0 <em>home\/user\/domain\/secretfolder<\/em><\/p>\n<h3>Password Protect Directory with htaccess<\/h3>\n<p><strong>Step 1<\/strong> &#8211; Create <strong>.htpasswd<\/strong> file with your desired username and password in any text editor (like Notepad) and save without the .txt extension. It is a good idea to encrypt the password\u00a0 for extra security. Here is a good <a href=\"http:\/\/www.4webhelp.net\/us\/password.php\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">htpasswd encryption tool<\/a> to do just that &#8211; simply enter the username and password and it will generate the code for you, which you can copy and paste. For a user &#8216;abc&#8217; and password &#8216;abc&#8217;, I got this (but it generates a new one everytime) &#8211;<\/p>\n<pre><code>abc:9476nIHW7Esgw<\/code><\/pre>\n<p><strong>Step 2<\/strong> &#8211; Create <strong>.htaccess<\/strong> file with the code below. It can be created using any text editor (like Notepad) and saved without the .txt extension. Remember to double check the location of the htpasswd file, or it will not work. You can change &#8216;Login Details&#8217; to whatever you want displayed on the pop up alert.<\/p>\n<pre><code>AuthUserFile \/home\/user\/domain\/secretfolder\/.htpasswd\r\nAuthType Basic\r\nAuthName \"Login Details\"\r\nRequire valid-user<\/code><\/pre>\n<p><strong>Step 3<\/strong> &#8211; Upload both these files in the <strong>same folder<\/strong> which you want to protect\u00a0 (in this case &#8216;secretfolder&#8217;). Now whenever anyone accesses that directory or any files in it, they will be asked for login details. You web directory is now secure.<\/p>\n<p><strong>NOTE<\/strong> &#8211; You might not be able to see these files on your server since they are hidden files. I use <a href=\"http:\/\/filezilla-project.org\/\" rel=\"noopener\">Filezilla<\/a> FTP client and often use the &#8220;<em>force showing hidden files<\/em>&#8221; option to view these files. Also remember that these files can be created easily in Notepad but save without .txt extension (Save a type &#8211;\u00a0 choose &#8220;All Files&#8221;, then you can save without any extension). If the Login window keeps popping up,\u00a0 most probably your login details are wrong.<\/p>\n<p><strong>OPTION <\/strong>&#8211; Here are some <a href=\"https:\/\/www.quickonlinetips.com\/archives\/2005\/02\/simple-scripts-to-password-protect-your-webpage\/\">simple scripts to protect webpages<\/a>, but they are only the first line of security. However, they are easier to implement as they can be simply inserted in the webpage\u00a0 HTML code.<\/p>\n<p><strong><span style=\"color: #ff0000;\">WARNING:<\/span><\/strong> .htaccess is a very powerful file to mess with and if wrongly configured <strong>can make your site inaccessible<\/strong>. If you are not sure of what you are playing with, seek professional tech support from your hosting provider. Edit your .htaccess at your OWN RISK, we bear no responsibility for the same and cannot provide support.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Do you want to password protect a directory on your website? .htaccess is a powerful file which can easily password&#8230;<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"_kad_post_classname":"","footnotes":""},"categories":[6,7],"tags":[49],"class_list":["post-8775","post","type-post","status-publish","format-standard","hentry","category-blogging","category-security","tag-tutorials"],"_links":{"self":[{"href":"https:\/\/www.quickonlinetips.com\/archives\/wp-json\/wp\/v2\/posts\/8775","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.quickonlinetips.com\/archives\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.quickonlinetips.com\/archives\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.quickonlinetips.com\/archives\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.quickonlinetips.com\/archives\/wp-json\/wp\/v2\/comments?post=8775"}],"version-history":[{"count":0,"href":"https:\/\/www.quickonlinetips.com\/archives\/wp-json\/wp\/v2\/posts\/8775\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.quickonlinetips.com\/archives\/wp-json\/wp\/v2\/media?parent=8775"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.quickonlinetips.com\/archives\/wp-json\/wp\/v2\/categories?post=8775"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.quickonlinetips.com\/archives\/wp-json\/wp\/v2\/tags?post=8775"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}