Filed under:

Setting Up Basic Password Security

You will need to create a file called .htaccess [Note the DOT!] with the following content :

order allow,deny
allow from all
AuthType Basic
AuthName "My Secure Folder"
----- replace "My Secure Folder" with the name of the Directory to protect
AuthPAM_Enabled off
AuthUserFile /home/sites/www.[yourdomain]
require valid-user

You will then need to create the password file .htpassword
If this is the first user you create the password file with

  • /usr/bin/htpasswd -c /home/sites/www.[domain] [username] [password]
and for subsequent users add them with
  • /usr/bin/htpasswd /home/sites/www.domain-name/.htpasswd [username] [password]

The .htpasswd file will be created in the root directory of your domain which is NOT accessible through the web for security reasons. The file is also encrypted (MD5 Hashed). Once the file is created we delete the password request form. We have no way of determining your paswords and do not retain your requests - it is up to you to remember them !

You should then upload the .htaccess file to the folder you wish to protect

Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read