Htacess Password Protection
The following gives you instruction on how
to password protect your website directory with .htaccess.
There are three simple files involved: .htaccess, .htgroup
and .htpasswd all you have to do is make them and ftp
them up to your webserver. You put the .htaccess in the
directory that you want to protect the other two files
go in a directory not visible to anyone but you, get the
path right or nothing will work. If your ftp login is
elvis the path of your directory looks like this: /home/elvis/www/index.html.
Make sure you use an ordinary text editor like windows
notepad or simple text for the Mac.
Step 1: MAKE A .htaccess FILE
It should look like this. The first two
lines tell where .htpasswd and .htgroup are located and
the third line is the title that will be in the password
box that pops up to prompt users for their login, user-list
is just the name of the group that has access its just
a generic term.
require group user-list
Save this file, call it .htaccess and then
ftp it up to the directory that you want to protect.
Step 2: MAKE A .htgroup FILE
This file tells who is in the group "user-list"
the syntax is simple user-list: with a space between each
of the user's names.
user-list: john joe dick harry jane spot
Save this file, call it .htgroup and ftp
it up to the /home/elvis directory.
Step 3: MAKE A .htpasswd FILE
All of the passwords are encrypted so you
have to use a program called htpasswd to generate them.
There are two ways to do this, one if you have a shell
and know how to use it your can telnet to inch.com, login
and do the deed from your shell account by typing: htpasswd
-c .htpasswd username to create the file and add "username"
as the first user. The program will prompt you for a password,
then verify by asking again. You will not see the password
when entering it here but it will appear in this syntax
in the .htpasswd file and your will not have to use the
-c flag when writing subsequent passwords since that creates
the file .htpasswd, you can now ftp it up to the /home/elvis
If all this was gibberish to you proceed
directly to STEP 4.
Step 4: GENERATE YOUR PASSWORDS
Do it the easy way using the Inch Password
Generator. Go to the password generator page and use
it to make as many passwords as you need then cut and
paste them into a text file.
After you've finished cutting and pasting
your file should look something like the file you see
above. Now ftp it up to the /home/elvis directory where
your .htgroup file is located. Now you can give it a try.
Go to the URL of the directory and this window should
Now if everything was done correctly then
you should be immediately authenticated and allowed to
enter the site. If it refuses you, you probably made a
mistake, most likely in the path to the .htpasswd and
.htgroup file in your .htaccess file.
If you want to remove a user then simply use the text editor
you assembled your .ht.passwd file with to remove that user
and his password.-