Password protect your folders using .htaccess

Written on February 9, 2008 – 7:41 pm | by Sunflyer |

I know there are allready a bunch of tutorials out there on this subject allready, but here it comes again. Just from another site. Its not always secure enough to trust the normal password protections, but to be absolutely 100% you should password protect your most important folders, like wp-admin with .htaccess

Creating the .htaccess file

First open your favorite text editor. Then you type the following into your new document

AuthName "Restricted Area"
AuthType Basic
AuthUserFile /home/usr/.htpasswd
AuthGroupFile /dev/null
require valid-user

This line below points to the other file called .htpasswd where your username and password is stored, make sure you have the correct server path.

AuthUserFile /home/usr/.htpasswd

Save the file as htaccess.txt and upload it into the folder on your server you want to protect, then rename the file from htaccess.txt to .htaccess. Remember the period in the beginning and no extension.

Creating the .htpasswd file

Next is to create the file that contains the username and password. The .htpasswd file

First we need to create a password. This generator is nice and will encrypt your password for you. Enter your username and password, then click the “encrypt” button. I entered “testuser” as the username and password and got this result

testuser:Dcqv.ZLPPkj8.

Copy your username and encrypted password into your new document and save the file as htpasswd.txt

testuser:Dcqv.ZLPPkj8.

Now its time to upload this file, make sure you upload this outside a web accesible area, then rename it as you did with the first file. From htpasswd.txt to .htpasswd

Related Posts

Put your related posts code here

  1. 2 Responses to “Password protect your folders using .htaccess”

  2. By Stonehambey on Feb 18, 2008 | Reply

    When I use htaccess file to protect my wp-admin directory, it stops users from being able to log into the site to post on the forum. Is there any way ruond this?
    :)

  3. By Roger on Feb 19, 2008 | Reply

    when you protect your wp-admin directory with htaccess then your users must have the username and password too, but if you want your users to post without accessing the wp-admin folder, then uncheck the “Users must be registered and logged in to comment” box in Options>>General

    You can also add more users into your htpasswd file, just put each user on a new line

Post a Comment

About me

This is my personal blog where I will write about my experince with running large forums and monetizing them. I will also post reviews of handy webmaster tools Ive used this time, share my experince with you and maybe help you find some cool stuff for your site. More

Want to subscribe?

 Subscribe in a reader Or, subscribe via email:
Enter your email address:  
Find entries :