Web development, coding & SEO

Password protect folders

You need 2 files, named .htpasswd and .htaccess

.htpasswd

• Generate content for .htpasswd file. Google around for a htpasswd generator... http://home.flash.net/cgi-bin/pw.pl
• Enter a desired user name and password, hit Go! You get username:passwd, something like John:Asd34Fgh6vBgt
• Save it into a file .htpasswd.
• Each username:passwd combination should have it's own line in the .htpasswd file.
• Security: Web password files such as those managed by htpasswd should not be within the Web server's URI space, that is, they should not be fetchable with a browser.
• Place the .htpasswd file somewhere aside from web folders, sample: /home/john/.htpasswd

.htaccess

AuthUserFile /home/john/.htpasswd
AuthGroupFile /dev/null
AuthName "foo"
AuthType Basic
<Limit GET>
	require valid-user
</Limit>

Place this .htaccess file in to the folder you want protect, sample: /var/www/sample.com/my-protected-folder/.htpasswd (http://sample.com/my-protected-folder/)

Apache conf

Ensure that the Apache conf file something /etc/apache/apache.conf contains a declaration:

<Directory "/var/www/sample.com/my-protected-folder">
	AllowOverride All
</Directory>

Tags: .htpasswd, htpasswd generator, htpasswd tutorial, htpasswd htaccess, htpasswd file, htpasswd example, htpasswd howto.

2010

---