How to Password Protect Files and Folders

There are many ways to password protect a website. One of the best and easiest ways to do this is using .htaccess  and .htpasswd  files. This is a server-based password protection, that don’t affect the performance or speed of a website.

Before you setup the password protection

This password protection will be valid for a folder, with all underlying files and folders. A valid username and password will be requested when accessing the folder/URL using a web browser.

The .htaccess and .htpasswd files are plain text files. Before you start this guide, you need to login to your webserver and navigate to the folder where you want to setup the password protection, either using SSH/terminal login or an SFTP client.

Password protection using .htaccess

Time needed: 10 minutes

When you are logged in and have navigated to the correct folder, feel free to proceed.

  1. Create – or edit if the file already exists – a file named .htaccess . 

    Add the following lines to the end of the file:
    AuthType Basic
    AuthName "Password Protected Area"
    AuthUserFile /path/to/home/folder/.htpasswd
    Require valid-user
    Replace the path for AuthUserFile with the full server path to the folder. Save and close the .htaccess  file.

  2. Encrypt username & password combination

    Run the following command on the command line of your terminal:
    htpasswd -nb username password
    Replace the username and password values as desired. The command will output the username with an encrypted version of the password. Copy this output.

  3. Create a file named .htpasswd .

    Paste the output from the htpasswd  command in this file. Here is an example of what that would look like: username:$apr1$D.jYL.fA$404/RNS4YH/4AwfBxsl3S0
    Save and close the .htpasswd  file. Now, the password protection using .htaccess  and .htpasswd  will be setup and active.

  4. Additional users

    If you need to add additional users for the password protection, repeat steps 2 through 3.

If you have any questions, feel free to reach out us!