Ever wondered how to password protect a directory on your web server. This article will explain how its done.
I should warn the htpasswd files are quite insecure. If you are also using https then you should be fine, but with normal http your username & password are transmitted over the Internet in the clear. So in addition to these steps you’ll want to take others to really secure your site.
- Create a .htpasswd file and add its first user. This can go anywhere you like. I put mine in the actual directory I want to secure. The command might be
htpasswd -c /foodotcom/restricted/.htpasswd adminuser
- Create a directory section for your secured directory
<directory /foodotcom/restricted/> AuthType Basic AuthName "Whatever you want to appear in the dialog box" AuthUserFile [path to your .htpasswd file from step 1] require valid-user </directory>
- Test the new apache config to make sure it is valid syntax.
- Restart apache