htaccess for Password Protection - cPanel Tutorial Ch.9 | Web Hosting Articles & Tutorials

htaccess for Password Protection - cPanel Tutorial Ch.9

Hypertext Access or htaccess was originally created as a default name of the Apache server directory configuration file. Its purpose is to provide the power to customize directories of a server’s primary configuration file. These directives are all required to be in .htaccess context and can only be used with the correct command lines. The .htaccess file controls not only the directories it was created in, but all subdirectories within it as well.

As one of the most effective configuration files, htaccess is rather critical to your website. Keep in mind that the most minimal syntax error, such as an omitted space, can result in the malfunction of your server. It is very critical to use MySQL or PHPMyAdmin to backup your website, this includes any original .htaccess files. Any changes that need to be made to .htaccess can easily be made within your cPanel. We will get to that a little later.

When it comes to using the .htaccess file, options within your web hosting server seem unlimited. With great power also comes great responsibility and risks. By making one small mistake with the .htaccess file you run the chance of making your whole site dysfunctional. The best way to manage your .htaccess files is certainly through the cPanel. Your advanced administrative area will write the files out for you and is typically a safer method opposed to editing them on your own.

Many benefits come along with the .htaccess file, but protection is perhaps its most famed area.
Password protecting your directories and website can be done several ways yet is easily managed by way of the cPanel. Here is a perfect example:

- First log into your cPanel
- You will then find the htacess/htpassword creator tool on the page. From there you will create a username and password you would like to use for the designated directory.
- Click on the “create file” tab
- You will then create two files, .htaccess and htpasswd

The first box on the tool page will then read something like this:

AuthName “Password Protected Directory”
AuthType Basic
AuthUserFile /your/server/path/.htpasswd
require valid-user

The AuthName field is something that may be changed as this will translate a prompt that asks for a user’s credentials. You may wish to type in “You Must Be Logged In To Do That” or “Password Protected Area”. You must change the AuthUserFile path and assure that the modified location is placed above the documentroot. Refer to the example below.

/home/username/www/secure/ - secure folder
/http://www.domain.com/secure/ - accessing domain
/home/username/www/ - where all files are served from
/htpassword: /home/username/passwords/ - the storing of our password

This is how our .htaccess file would now translate:

AuthName “Password Protected Directory”
AuthType Basic
AuthUserFile /home/username/passwords/.htpasswd
require valid-user

From the second box of the page you will copy then paste this code into the new htpasswd file. This normally takes no longer than two to three minutes to complete after the first trial, a fairly simple process that adds great protection for your website.

Share this article: