HTML password protected

Password protecting a website (or a sub directory within a website) can be done easily thanks to two special files called .htaccess and .htpasswd

First, in the directory that you want to be protected, copy and paste the following code into a file called .htaccess :

AuthType Basic
AuthName "restricted area"
AuthUserFile /path/to/the/directory/you/are/protecting/.htpasswd
require valid-user

The exact path to the file is obviously important. Be aware that if wrong, it will still ask for a password but nothing will seem to work.

Second, you need to create the .htpasswd file, which looks like:


The .htpasswd file should be made of one username and password per line, separated by a colon.
The password is encrypted so you will need to use a special tool to encrypt your password in this way (MD5).

Under Linux,you can type

echo -n "password" | md5sum | cut -d ' ' -f 1

or you can use the apache tool called htpasswd:

htpasswd -d -nb username password

Here -d means use the CRYPT protocol (note that there is a random seed so you may have several crypted passwords for a single password.

There are also quite a lot of online generator to be used if you do not have the tools mentionned above. Finally note that there are several protocols (CRYPT, MD5, SHA). It depends on your system. For instance MD5 is for apache servers only.

Please follow and like us:
This entry was posted in Internet related and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published.