Client Login

How can I use htaccess to password protect a directory?

Create a file named .htaccess in your web directory that contains the following:

AuthUserFile /home/yourlogin/yourdirectory/.htpasswd
AuthName Secure
AuthType basic
require valid-user

Then in your home directory, type htpasswd -c /home/yourlogin/yourdirectory/.htpasswd newuser (change newuser to the username you want to add). You will be prompted to enter a password and verify it.

This will enable you to secure the directory so that only your new user can enter this directory.

To add additional id/password pairs to the file, leave off the -c, which means 'create a new file'. For example, htpasswd .htpasswd linus will allow a new user named “linus” to also access that directory. You may well want any of the user/password combinations you created in your .htpasswd file to allow access.

To protect other directories, use the -c switch with the command to create a new .htpasswd file for that directory.

Note that you want to store the .htpasswd file in your home/root directory so it is hidden from others. The one drawback to putting your .htpasswd file in your home directory is that you will have to slightly lower the security of your home directory. Go to /home (cd /home/yourlogin) and type chmod +x yourlogin. The WWW server needs execute permission on to read the .htpasswd file.



Was this answer helpful?

Add to Favourites Add to Favourites

Print this Article Print this Article

Also Read