Last week I learned how to password protect a web site, or section of a web site. It’s pretty easy but there are two catches: 1) the web site needs to be hosted on a UNIX server (ask your web host if you’re unsure) and 2) this will keep out plenty of folks, but it’s not foolproof.
To password protect a site you will need to write and upload two files onto your web site. The first one is called .htaccess and is placed in the directory you wish to restrict.
Step 1: Create a text file that looks like this (the bold portions are variable):
AuthName Byte Subscribers
require user valid-user
Step 2: If necessary, change the variable info.
AuthUserFile is the path to the .htpasswd file and is the folder that will be password protected. You may need to call your web host to get this path.
“AuthName” is just a short description of the secure area.
Step 3: Save this file into the folder you want to protect. In this example I’m protecting /www/home/user. I start by saving the file as htaccess.txt. Then I changed the name to .htaccess.
Step 4: Next, create the password file (.htpasswd) that will contain the username(s) and password(s). Mine looks like this:
Create a username and password that make sense to you. (My username and password are ann & byte.) These are what you use when you login. However to create the password file use a password generator (such ashttp://www.flash.net/cgi-bin/pw.pl) to create an encrypted password. Put that encrypted password into the .htpasswd file.
If you want multiple usernames and passwords simply create/generate multiple passwords and add them all to your .htpasswd file – one username-password pair per line (always separated by a colon).
Step 5: Save password file as htpasswd.txt into the same folder as the
.htaccess file. Once it’s saved, rename the file to .htpasswd.
Step 6: Upload both pages and test.
OK, clearly today’s Byte was more technical than most – but I was so excited about learning this and really once you get into it it’s pretty easy.