Home -> Knowledgebase -> Hosting -> Password Protected Pages
Password Protected Pages

This page describes how to protect sections of the web site with a password. This can be used to only allow access to particular people.

 

NOTE: You can only protect directories, not individual files.

You can password protect any directory by placing the files .htaccess and .htpasswd into the directory you wish to protect.

Examples are as follows:

.htaccess:

AuthUserFile /data/htdocs/a/adomainname/directoryname/.htpasswd
AuthName "2020MEDIA"
AuthType Basic 


<Limit GET POST PUT> 
require valid-user
</Limit>

.htpasswd (examples only!- you must create your own usernames) :

user1:BUk/xqLqKF.2k
user2:rNa5zU.OdDsqY


How to Use:
The first line "AuthUserFile" contains the path to your directory. This is normally the first letter of the domain name of your site, followed by the domain name itself ( but without .co.uk or. com ). ie: if your website was www.mother.co.uk, and you wanted to protect a directory called 'members' , the AuthUserFile line would look like this:

 

AuthUserFile /data/htdocs/m/mother/members/.htpasswd

 

The path given above is an example only - please check with us for the correct path to your site.
The information in the password file must be generated by a program.

How to create the .passwd file: This is a file that is in your directory that will contain users passwords. The passwords are encrypted, so if some one sees the file, they will not be able to see the password.

To generate the username and password click here, and entering username/ password combinations that will allow access to the site

Create these two files in a plain text editor and save them with the filenames shown. Do not give them any extension (like .txt or .doc) Upload both of these files in ASCI mode into the directory you are trying to protect and then attempt to view the directory with a browser. You should be prompted for your username and password. Once you have logged in once, you will normally stay logged in until you close the browser window.

For further information consult any of the many books on Apache Web server, or see http://www.apache.org.

Final Tip:

You can change "AuthName" to anything you want - this is just a title that shows up on the security login box when someone tries to view the protected directory. Make sure you enclose it in quotation marks " " if you are using more than one word.