Saturday, April 16, 2011

.htpasswd tutorial

Apache offers you to protect a folder and its subdirectories with .htaccess files. Learn how to protect your data in only two quick steps!

1. Create an .htpasswd file

Your .htpasswd file will contain the usernames and crypted password of the users who will be allowed in the directory you want to protect; htpasswd files typically look like this:


Blue parts represent user name, and red are password encrypted with a specific algorithm.

How to generate htpasswd file ? Just:

  1. create an empty file named .htpasswd
  2. use this online htpassword generator, type the users you want to add and copy the generated text
  3. paste the text in the empty file you created in the first step
  4. save it of course!
VoilĂ , your htpasswd file is ready!

2. Configure the .htaccess

Create a file named .htaccess at the root of the folder you want to protect, if it does not already exists. Paste this few lines in the file, then save it:

AuthName "Type a custom text here"
AuthType Basic
AuthUserFile /full/path/to/the/.htpasswd
AuthGroupFile /dev/null
require valid-user

You will have to specify the location of your .htpasswd file (red path) for this to work properly.

Congratulations! You just finished protecting your folder with htaccess and htpasswd files. Test it in your web browser!

No comments:

Post a Comment