This email address is being protected from spambots. You need JavaScript enabled to view it.

How to password protect directory web site

.

Implementation of so called basic authentication on the specific directory on the Linux Apache host:

  1. Download htpasswd tool on your Windows computer (extracted from the Apache 2.2 Windows build) to generate .httpasswd file
  2. In command line, execute it with following command line parameters: htpasswd.exe -c .htpasswd my_username, where my_username is username that will be used to authenticate
  3. You will be prompted to enter and re-enter password. Password will be hashed by MD5 algorithm and save in the .htpasswd file
  4. Upload .htpasswd file to the some folder outside Apache root folder, so it's not accessible from web
  5. Using NotePad create .htaccess file that contains:

    AuthUserFile /home/my_dir/.htpasswd
    AuthGroupFile /dev/null
    AuthName EnterPassword
    AuthType Basic
    require user my_username

    Where /home/my_dir/.htpasswd is the location of the .htpasswd (absolute file path) and my_username is same username used in .htpasswd file
  6. Upload .htaccess file to the directory you wish to password protect and that's it, when accessing any file inside that directory, user will be prompted to enter username and password (once per session).
  7. Note: this is very unsecure authentication method as password is sent as plain text via internet, so it is advisable to use other username and password then used for ftp/website administration.

 

See List of All Articles from Mini How Archive