28 November 2010

.htaccess file Part 2:Provide Password protection to directories in a Website

In my previous post, I had given a brief explanation of .htaccess file and it's uses which is commonly used by web masters.
If you haven’t read it till now. Have a look

Click Here

Today I will explain you How to give Password protection to directories using .htaccess file?

Password protection of directories in a website is the most popular use of .htaccess file. Many web hosts provide an inbuilt support for this, but many don’t.In that case you can use .htaccess file for giving protection to your directories.

We can give Password protection to a directory using .htaccess in two steps which are as follow.

1:-The very first step is to add following lines of code to your .htaccess file in the directory which you want to protect.

AuthName "Area Name"
AuthType Basic
AuthUserFile /fullpathto/.htpasswd
Require valid-user

1:- AuthName- Here we will specify area which we want to protect, we can give it any name of our choice. For example “Admin Area”.
2:-AuthUserFile- Here we will provide a full path to .htpasswd file which will store usernames and passwords.
3:- AuthType and Require will remain same as it is

2:-Creation of .htpasswd file

The .htpasswd File stores all the usernames and passwords which are allowed to access the specific directory.This file should be placed anywhere outside the root directory or you can also place it inside the root directory ,but former will ensure more security

After you create .htpasswd file ,you must enter the usernames and passwords. The usernames and passwords should be entered in following format:


where the password is the encrypted format of the password.

For multiple users, we can add extra lines to this file in the same format as shown above.

Now whenever you try to access a specific directory then your browser will show you a pop up dialog box, where you have to enter your username and password in order to access it

If you don't understand any part then feel free to ask