How can I use htaccess to password protect a directory?

Create a file named .htaccess in your web directory that contains the following:

AuthUserFile /home/yourlogin/yourdirectory/.htpasswd
AuthName Secure
AuthType basic
require valid-user

Then in your home directory, type htpasswd -c /home/yourlogin/yourdirectory/.htpasswd pumpkin.
You will be prompted to enter a password and verify it.

This will enable you to secure the directory so that only user pumpkin can enter this directory.

To add additional id/password pairs to the file, leave off the -c, which means 'create a new file'. For example, htpasswd .htpasswd linus. You may well want any of the user/password combinations you created in your .htpasswd file to allow access.

Note that you want to store the .htpasswd file in your home directory so it is hidden from others. The one drawback to putting your .htpasswd file in your home directory is that you will have to slightly lower the security of your home directory. Go to /home (cd /home/yourlogin) and type chmod +x yourlogin. The WWW server needs execute permission on to read the .htpasswd file.

  • 2 Users Found This Useful
Was this answer helpful?

Related Articles

How do I turn directory Indexing off?

Options -IndexesTurn it back on:Options +Indexes

How do I block a specific domain?

order allow,denydeny from fraudster.comallow from all

How can I setup dynamic/custom error pages?

If you have defined your own custom Error Pages using the "Define Error Pages" tool within the...

How do I do a rewrite instead of a 302 for missing pages?

RewriteEngine onRewriteCond %{REQUEST_FILENAME} !index.htmlRewriteRule /* /index.html [L]

How do I stop off-line browsers/ robot surfers?

RewriteEngine OnRewriteCond %{HTTP_USER_AGENT} ^MozillaRewriteRule /* - [L]RewriteCond...