.htaccess Tutorial - Password Protection
You can use username and password authentication to restrict
access to a directory and its subdirectories.
When someone tries to access such a directory, they see
a popup, asking for user name and password.
1. Create the .htaccess file
Use the lines below to activate authentication.
AuthName "Private Area"
<Limit GET POST>
Replace username with your user name. The first line
tells .htaccess where it can find the user/password file.
Different 'groups' can be used. As this tutorial is for beginners, we won't
specify a real group file.
The AuthName value specifies the Realm value.
The remaining lines specify the types of requests which are
restricted and the authentication method used.
2. Create usernames
There are several ways to create the .htpasswd file which
.htaccess reads to verify valid user info.
If you are hosted by us, the control panel can handle all
of this for you. Others can use the .htaccess tool.
This can also be done using a Unix shell. Open a SSH connection and enter the below command.
htpasswd -c .htpasswd username
You will be asked to enter the password for this user twice. The -c
flag makes the htpasswd command create a new file. Add users to an existing file as show below.
htpasswd .htpasswd username
Replace username by the user name you wish to have
access to the .htaccess protected directory.