Password protecting a website folder

Sometimes you just need to do this directly. There are lots of utilities in server administration programs such as cpanel, plesk or virtualmin that will do this for you but if you have shell access here is the quick way.

First edit your .htaccess for the relevant folder (your root folder if you want to protect the whole website) to tell apache that it is only going to allow access to the specified user by adding these lines to the top of the file (make sure path is not in your accessible web folders - your home folder is usually a good place.:

AuthUserFile <path>/.htpasswd
AuthName "Under construction"
AuthType Basic
require valid-user

Next create at least one valid user in the .htpasswd file with:

~$ htpasswd -b .htppasswd test test

This creates a user 'test' with the password 'test'. You may need something a little more secure but this will be enough to deter casual browsing and bots.


There are currently no comments

New Comment


required (not published)


Australia: 07 3103 2894

International: +61 410 545 357