How do I password protect a directory on my Web Site?
If you have a Legacy Advanced or Premium Shell Account or a VPS with Shell access you can set up a simple user authentication.
Let's say you want to restrict access to the directory "secret" to those with a valid username and password.
http:/yourdomainname/secret/
Configuration
Following the steps below.
-
log on to your account using an SSH client.
Use your account FTP host as hostname (usually your domain name), and the FTP loginname and password that have been provided to you with your setup information.
- Create a file named .htaccess in your /docs/secret
directory that allows only allow one user (Fred)
to access the directory. The .htaccess file must reside
in the /docs/secret directory in order to control access
to the docs/secret directory.
You can create the .htaccess file while connected SSH to your Virtual Server (using a file editor like pico, for example)
or you can create the file on your own PC and Upload it via FTP to your Virtual Server. The file should contain the following text:
Substitute your Virtual Server login name for <loginname> below.AuthUserFile /usr/home/<loginname>/etc/.htpasswd
AuthGroupFile /dev/null
AuthName MySecrets
AuthType Basic
<Limit GET>
require valid-user
</Limit> -
Now log on to your account using an SSH client.
Use your account FTP host as hostname (usually your domain name), and the FTP username and password that have been provided to you with your setup information.
Good SSH clients include:- Windows: SecureCRT ( $99), PuTTy (Free)
- Mac:
NiftyTelnet
1.1 SSH (freeware)
You can also check for other free SSH clients for Mac and Windows on the OpenSSH web site.
SSH Set Up:
Settings for your SSH software should be:
- Protocol:
SSH2
( for SSH2, the "SSH Server Type" should be: "Standard") - Cipher: 3DES
- Create a directory/folder named /etc/ and give it permissions 777
- Use the htpasswd command to set a password for
the new user.
Substitute your Virtual Server login name for loginname below.
% htpasswd -c /usr/home/loginname/etc/.htpasswd Fred
You are free to use a different name or directory location for the password file. Just change the /usr/home/loginname/etc/.htpasswd line in the .htaccess file above to whatever you want.
Note: When adding users to an existing .htpassword file, Don't use the -c flag.
The -c flag indicates that you are adding a user to the .htpasswd file for the first time. When you add more users and passwords to the same .htpasswd file, do not use the -c flag, as that will erase all your previous entries in the file.Use:
% htpasswd /usr/home/loginname/etc/.htpasswd Bill
% htpasswd /usr/home/loginname/etc/.htpasswd Rick
NOTE: