Quick and easy htpasswd restricted access

Ever wondered how to password protect a directory on your web server. This article will explain how its done.

I should warn the htpasswd files are quite insecure. If you are also using https then you should be fine, but with normal http your username & password are transmitted over the Internet in the clear. So in addition to these steps you’ll want to take others to really secure your site.

  1. Create a .htpasswd file and add its first user. This can go anywhere you like. I put mine in the actual directory I want to secure. The command might be
     htpasswd -c /foodotcom/restricted/.htpasswd adminuser
  2. Create a directory section for your secured directory
     <directory /foodotcom/restricted/> AuthType Basic AuthName "Whatever you want to appear in the dialog box" AuthUserFile [path to your .htpasswd file from step 1] require valid-user </directory>
  3. Test the new apache config to make sure it is valid syntax.
     apachectl checkconfig
  4. Restart apache
     apachectl restart

Leave a Reply

Your email address will not be published. Required fields are marked *