arrow_upward

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
How to password protect some Web pages in Apache with .htaccess
#1
Objective
Your objective is to password protect some of your Website pages (not all of them). 


Method
For this you can use .htaccess in Apache.  Principle of  how it is done is to create a .htpasswd file and save it in a directory above the public_html directory.  Then create a separate directory in your public_html folder.  Then create and upload an .htaccess file in the separate directory that will password protect the content of that directory only.


Step 1 - Create and Upload Password File .htpasswd
Create an encrypted user name and password string at the following Website:
http://www.htaccesstools.com/htpasswd-generator/


Then use a text editor to copy and paste the encrypted login and password string and save the file as:  .htpasswd


Upload the file one directory up from the public_html directory so it isn't publicly accessible.  Make sure it has 644 privileges.


If you want to use more user names and passwords just add them line by line (after you have encrypted them)


Step 2 - Create and Upload .htaccess file
Use your text editor to create a .htaccess file with the following code in it and to save it as a .htaccess file:


AuthUserFile /full/path/to/.htpasswd
AuthType Basic
AuthName "My Secret Page"
 
<Files "mypage.html">
  Require valid-user
</Files>

Be very careful with the section where you provide the path to the password file (first line of code).  The full path is the path to the file from the Server's root e.g. /home/username/.htpasswd or C:\wwwroot\username\.htpasswd. Also make sure that the quotes are straight quotes.


Step 3 - Test It
When you access your password protected file, you should be prompted for your login and password


Step 4 - Troubleshooting
Check that the path to your .htpasswd file on the server is correct.  In most cases this is where the problem lies.  Also make sure that both the .htpasswd and .htaccess files have the correct privileges - chmod 644.
Also check that you uploaded the files to the correct folders.
Terminal
Thank you to Post4VPS and VirMach for my awesome VPS 9!  
#2
(04-06-2018, 11:21 AM)deanhills Wrote: Objective
Your objective is to password protect some of your Website pages (not all of them). 

@deanhills dude just to confirm, you were saying that only a certain web pages can be password protected? lets say my website have 5 section category if a guess visit my website and open that certain page a login pops out? is that correct?
#3
@Vuluts

Let's take some example.
You have 3 file inside /var/www/html/public_html named "a.html", "b.html" and "c.html". Nah afterthat, maybe file "a.html" is a file you don't want everyone to see. So you want to encrypt them with password.
Then you're doing like @deanhills tutorial, and if you open localhost/a.html, it shows you to input/insert your password. But, "b.html" and "c.html" doesn't require you to input the password.

That's how it works.
Thanks to Limitless Hosting and Post4VPS for providing me excellent VPS 13!
#4
Wow, helpful! Thanks for that @deanhills,i will try it soon on my website!
#5
Good tutorial. Between .htaccess method won't work with all browsers , for example UC Browser. In php pages I use session based login to protect the pages.


Thank you  Sweet



#6
(04-25-2018, 02:07 AM)Littlemaster Wrote: Good tutorial. Between .htaccess method won't work with all browsers , for example UC Browser. In php pages I use session based login to protect the pages.
True.  And some Servers for free hosting accounts don't like .htaccess to be enabled for their users.  However with a VPS it should work in most cases, and also with most browsers.
Terminal
Thank you to Post4VPS and VirMach for my awesome VPS 9!  



person_pin_circle Users browsing this thread: 1 Guest(s)
Sponsors: VirMach - Host4Fun - CubeData - Evolution-Host - HostDare - Hyper Expert - Shadow Hosting - Bladenode - Hostlease - RackNerd - ReadyDedis - Limitless Hosting