All hosting accounts come with the ability to set up htaccess password protected directiories for protection of your web pages.
By setting password protection on a web directory, all pages within that particular directory are restrictead. You can only password protect directories and all files and directories in that directories. You can not password protect individual files.
To password protect a directory you need to place special files within the directory. The files must have the names ".htaccess" and ".htpasswd". To create these files use a text editor such as "Notepad".
Making the ".htaccess" File
Here is an example of the contents of a .htaccess file
AuthUserFile /home/sites/www.yourdomain.com/web/foldername/.htpasswd AuthName RealNameHere AuthType Basic AuthPAM_Enabled off require valid-user
Looking at the first line of the example above, "yourdomain.com" must be replaced with your actual domain name. The job of the first line is to tell the web server where your ".htpasswd" will be. You will need to edit the first line so that it points to the real location of your ".htpasswd" file. Since you are putting the ".htpasswd" file in the folder you want to protect, you can use the path of this folder in the first line of the .htaccess file.
The second thing that you will need to change is the part of the second line where it says "RealNameHere". You can change this to anything you want (if you include spaces then the string must be enclosed in double quotes). It is just a title that shows up on the security login box when someone tries to view the protected directory.
Once created your .htaccess file is ready to be saved and uploaded to the web server. Hint: If you are using Windows, you may have difficulty saving your .htaccess file with the .htaccess file name. To avoid this, save your file without the leading "." and rename your file through FTP after it has been uploaded to the protected directory.
For details on how to upload files to your site, please see the Uploading Files using ftp .
Making the ".htpasswd" File
The .htpasswd file, is a file that stores the usernames and passwords for the users that are to have access to the protected directories. Passwords are stored in an encrypted form. In order to generate the user information with an encrypted password, you must visit our "Apache Password Generator" web page which can be found by entering the following URL into a browser. (http://web9.2020media.com/other/htpasswd.jsp)
Here is an example of what the .htpasswd file should look like.
user1:BUk/xqLqKF.2k
user2:rNa5zU.OdDsqY
You need to create your .htpassword file in a text editor, just as used for the .htaccess file. Looking at the example in more detail, the first part of the first line "user1" correseponds to the first username that will be created. "BUk/xqLqKF.2k" corresponds to the encrypted password that will be used to access the protected directory by this user. The second line is the next user that will be setup. By adding more lines more users will be created. There is no limit, it is possible to make as many users as you require.
When finished your .htpassword file is ready to be saved and uploaded to the web server. You will need to make sure that the .htpasswd file is uploaded to the correct directory of the web site. This directory should correspond with the first line of the .htaccess file.
Testing your Protected Directory
Make sure that when you uploaded the .htaccess and .htpasswd files through FTP, that they were uploaded in ASCI mode.
You should attempt to view the directory with a browser. If the process has been successful you should be prompted for the username and password. After you have logged in for the first time, you will remain logged in until you close the browser window. However, if you are entering the correct username and password but the login prompt keeps appearing, this usually mean that the server path that you uploaded the .htpasswd file to, does not correspond with the first line of the .htaccess file.
|
