The scenario is that you have a group of files within a folder that you want to password protect. You want to keep them secure from prying eyes.
I did write huge tutorial on this using the shell but then a)wordpress decided to have a fit and lose the work (que: Anger) and then I thought b) a lot of people may not have shell access and c) a lot of people probably don’t care so here is the short version using our .htpasswd creator tool.
Firstly you will need a directory which you wish to secure. In our example we will be using the cpanel directory structure:
/home/username/www/secure
We will be securing the “secure” directory. We will be using the following credentials in this example:
username: admin
password: password
Go to the .htaccess/.htpasswd creator tool page. Enter the username and password you wish to use to secure your directory. For us this is admin:password.
Click “Create Files”
Create two text files. One called “.htaccess” and one called “.htpasswd” (without any of the quotes).
From the first box on the tool page:
AuthName “Password Protected Directory”
AuthType Basic
AuthUserFile /your/server/path/.htpasswd
require valid-user
You can change the AuthName text as this is what will be displayed on the popup prompt asking for user credentials. Perhaps “Login Required” or “Protected Area” are more suitable to you.
You will HAVE to change the AuthUserFile location and you MUST ensure that the new location is above your documentroot.
In our cpanel example:
Secure folder: /home/username/www/secure/
Accessed by: http://www.domain.com/secure/
Our document root : /home/username/www/ (as all our files are served from here)
We would store our .htpassword: /home/username/passwords/ (.htpasswd)
Therefore our .htaccess file would look like:
AuthName “Password Protected Directory”
AuthType Basic
AuthUserFile /home/username/passwords/.htpasswd
require valid-user
From the second box you simply copy and paste this into your new .htpasswd file which you would upload to your AuthUserFile directory (e.g. : /home/username/passwords/)
There, can’t ask for anything more simple really.
After you have done this for the first time it should take you no more than a minute or two to complete.
If you are experiencing any problems, do check your logfiles (this is based on cpanel locations):
tail -f /var/log/httpd/access_log
tail -f /var/log/httpd/error_log
Depending on how your server is set u, you may also have an error_log file in the directory you are trying to secure so be sure to check there as well for localised errors.
Let me know if you have any problems.
