Site icon Web Niraj

Using .htaccess to Password Protect Directories

.htaccess provides a easy way of password protecting directories on your website, requiring users to enter a username and password in order to gain access. The process involves creating two files on your server – one for protecting the directory, and one for storing the usernames and passwords.

First, create a .htaccess file in the directory you want to protect. In the file, you need to enter the following:

AuthUserFile /path/to/.htpasswd
AuthGroupFile /dev/null
AuthName "Private Area"
AuthType Basic

require valid-user

Next, create the .htpasswd file on your server. This can be at a location not accessible via your site’s host name (e.g. outside of public_html or www folders) or within the directory you want to password protect.

In this file, you can enter the usernames / passwords allowed to access the protected directory, like so:

user1:$apr1$PdOCG6JI$L6nINuh8L2.A5CM6q0H9A/
user2:$apr1$XEvewxg7$dtPPm8vvhxwW5Zo9hudIY1

The above two lines translates into two users, user1 and user2. Each user should be on a separate line. The passwords are as follows: pass1 and pass2, respectively. You can generate your own username and password using this handy website. For the above two examples, I used the MD5 algorithm to encrypt the passwords.

Exit mobile version