Setting up a password protected directory

Using an .htaccess file to password protect a folder

There are two steps to protecting a folder with a .htaccess file.

Step 1:

Using Notepad (or another text editor), create a file called .htaccess (please note the period). Enter the following text in the file:

AuthUserFile [HOME PATH]htpasswd/[FOLDER]
AuthName "Please enter your username and password"
AuthType Basic

require valid-user

Replace [HOME PATH] with your Zenutech account’s home folder path. To find your Zenutech account’s home folder path, login to the Zenutech Control Panel and on the main page look for ‘Home Path’ under the ‘Web Development’ box. If you are already logged into the Zenutech Control Panel and want to access the main page, click ‘Zenutech Control Panel’ icon in top left corner.
The [HOME PATH] should look something like /home/youruser/ and the entire ‘AuthUserFile’ filepath should look something like /home/youruser/htpasswd/folder_to_protect_as_filename
You will need to create the htpasswd/ folder as mentioned below in this article.

Replace [FOLDER] with the name of the folder you are protecting. For example, if you want to protect, then [FOLDER] should be changed to ‘members’. If you want to protect a subfolder, such as , then [FOLDER] should be named ‘subfolder7′.

Save this .htaccess file; it must be called ‘.htaccess’ with no file extension after the name. Then upload the file into the folder you want to protect. Now when you visit that folder, you will be asked for a username. There still isn’t one setup, though, so keep reading!

Step 2:

Begin by creating a file with the same name as the [FOLDER] from above that you want protected. This file will hold the usernames and passwords that have access to the folder.

We now need to created encrypted password(s) to store in this file. This is accomplished with a tool called ‘htpasswd’, which is available for free on a number of webpages, such as this one. Run each username and password through the tool, and then enter the username with the encrypted password into the file. For example, with username ‘mary’ and password ‘blackpin123′, enter this into the file:


Each user should be on a seperate line, the semi-colon (:) is not part of the encrypted password; it is just there to indicate to the server that the username is on the left and the encrypted password is on the right. On the server, you will need to create a folder in the root of your FTP structure(i.e. /home/youruser/) named ‘htpasswd’. Now you can upload the new file to this folder.

All that remains is for you to try it out!

Posted 2008-06-16 in Site Management