How To Password Protect A File Using .htaccess

Infrequently, you need your site to be gotten to by your interior staff or the general population known not just, for instance on the off chance that it is a test site or you need to test your site before making it live. The most ideal approach to do as such is password secure the site. On the other hand if not the entire site, you simply need to ensure a specific folder or file that should likewise be possible. What’s more, it is not troublesome by any means.

To add password protection to your site, a specific folder or any page, you require taking after two things.

A text file that will store the username and password. The password will be stored in scrambled structure

.htaccess that will have the path to the password file

What is .htaccess?

.htaccess is the default name of the Apache directory-level arrangement file. The file contains commands known by the server that advise the server how to carry on in specific occasions. One basic use for a .htaccess file is to limit access to particular files or directories on the Internet or intranet, or to determine a specific page to be gotten to when the file asked for by the program is not discovered (mistake 404).

The most effective method to make the two files required for password ensuring any part of the site

The initial step is to make a basic text file that will store your username and password, isolated by a colon (:). The text file can be made by free web tools accessible on the web. On the off chance that you write ‘.htpasswd generator’ as inquiry text in the web index you will have a rundown of sites offering the htpasswd generator on the web.

On the other hand you can create a password file by making use of htpasswd.

On the off chance that you have SSH access to your web server, you can encode your password and add it to your password file in one pass by utilizing the htpasswd utility that accompanies Apache. Basically SSH to your server or open up a terminal window on your neighborhood machine, compact disc to the folder where you need to make your password file, and type:

htpasswd -c .htpasswd uname

(where uname is the username you want to use. You’ll be prompted to enter and retype your password, then the .htpasswd file will be created for you.)

Creating the .htaccess file

Open your text editor again, create a new file, and save it as .htaccess.

  1. Protecting a folder

To password protect a folder on your site, you need to put the following code in your .htaccess file:

AuthUserFile /fullpath/.htpasswd

AuthType Basic

AuthName ” Secret Folder”

Require valid-user


/fullpath/.htpasswd should be the full path to the .htpasswd file that you uploaded earlier for example, /home/dir/.htpasswd or C:/wwwrootdir/.htpasswd.

The above .htaccess file will password protect all files in the folder that it is put in, and all sub-folders under that folder as well. So in the event that you needed to protect your whole webpage with a password, you would put the .htaccess file in your Web root folder.

  1. Protecting a file

To password protect just a single file in a folder, use the following .htaccess file:

AuthUserFile /fullpath/.htpasswd

AuthType Basic

AuthName ” Secret Page”


Require valid-user



This will password protect just the page.html file in the folder where you put the .htaccess file.

Leave a Reply