Knowledgebase: Hosting FAQ
Password protecting directories
Posted by - NA -, Last modified by Wayne Smith on 19 March 2014 08:16 AM

Adding a password to a directory on the site can be done via the hosting control panel.  On the domain's main page, click the Protected Directories button to add or edit a directory.

 

Some directories may not be accessible via this method, such as subdomains.  For those directories, a regular .htacces/.htpasswd file can be used.

1. You will need a username and password to begin. The easiest way to generate this password in a format the web server will utilize is by going to the following web page:

http://www.widexl.com/remote/password-generator.html

2. That web page will let you generate the encrypted password text. Place this text, we'll use "abcdefg" as an example encrypted password and "myuser" as an example username, in a file named .htpasswd with the leading period as shown. Here are the contents of your new .htpasswd file:

myuser:abcdefg

3. Place your new .htpasswd file in an area of your account not served by the web server for safe keeping. A recommended directory is your private/ directory, NOT the httpdocs or cgi-bin.

4. The next step is to create a .htaccess file, again with the leading period on the file name. In this file, you will place the following, replacing with your FTP user name, and replacing "domain.com" with your site name.  

AuthType Basic
AuthName "Protected Site"
AuthUserFile /var/www/vhosts/domain.com/private/.htpasswd

require valid-user
order allow,deny
allow from all


You'll notice how for the "AuthUserFile" line there is a specified path to the .htpasswd file you created and uploaded earlier; you must know the full path to your .htpasswd file as well.  Contact support if you aren't sure of the correct server path to use in the AuthUserFile line.  The path information is also listed in your hosting account set up document.

The next part limits all requests for documents in the current directory, and under it, to a "valid user" listed in your .htpasswd file.

5. Place your new .htaccess file in the directory you'd like to protect, it will now require authentication to get to it or anything under it.

6. Advanced users may want to research the .htgroup file which provides a way for you to specify groups of users that can access protected portions of your site.

7. Mac users, if you have trouble saving a file beginning with a "." on your local computer, FTP the file to your website as "htaccess" and then use your FTP client to rename the file to ".htaccess"

(403 vote(s))
This article was helpful
This article was not helpful

Help Desk Software by Kayako support.miva.com/supportsuite/index.php?