Password protect directory with Apache using .htpasswd. Apache guides, tutorials and help

Date Posted: Tuesday 02nd of February 2010 | Category: Apache

Password protect directory with Apache using .htpasswd
Password protect directory with Apache
Password protecting a directory with .htpasswd
To password protect a directory on your webserver, I first edited my apache.conf file, using the following command in the terminal:-

sudo gedit /etc/apache2/apache.conf

Your apache.conf file should now be ready for editing.
Place this code at the bottom of your apache.conf file and save it.

<Directory />
Options FollowSymLinks
AllowOverride None
AuthType Basic
AuthName "ENTER ANYTHING YOU LIKE"
AuthUserFile /var/www/.htpasswd
Require valid-user
</Directory>

You now need to make two changes to the code. These are listed below.

Change the AuthName
The AuthName is what is displayed in the password box when it pops up, asking for a username and password

Change the AuthUserFile
Specify the location of the .htpasswd file. In my case it is located in my var/www
Save the file again.

TIP:For extra security you could place this somewhere else in your directory.

It’s now time to create the .htpasswd file, which will be saved in var/www

I found a great site for creating your .htpasswd file.
Visit http://www.4webhelp.net/us/password.php

Enter your name and then your password.

Press the encrypt button and it will generate some code for you.

Copy this code into a new text file and save this as .htpasswd

Drop this file in to your var-www directory and restart Apache2

To restart Apache2. Enter the following code in the terminal.

sudo /etc/init.d/apache2 restart

Now access your website. For example http://localhost or 127.0.0.1

If everything goes as planned, a security box should now appear asking for your Username and Password.

Enter the username and password you specified earlier. You should then be able to access the protected directory on your server.

Enter the wrong username and password to make sure it’s working properly.

Your .htpasswd file is now complete and you have learnt how to protect a directory. Other experienced users may know of other ways to do this. I would not know what to do for more than one password protected directory.