Skip Navigation

Using passwords to protect directories

Things you'll need

  • a text editor, such as Notepad
  • a FTP program, such as FileZilla
  • FTP user name and password
  • Full directory path, such as /home/xxxxx/xx/xx/yourdomainname/
    This can be found in your Toolkit(on My Services Overview page).

Instructions

There are two files you need to create that work together to password protect a folder on a Linux hosted website.

In the folder that you need to protect, you need to place a file called .htaccess, which contains instructions for the web server to make that folder protected.

On the top level of your web space, you need to place a file called .htpasswd. The top level of your site is the same directory that your public and cgi-bin directories sit in. This file contains the user names and their respective encrypted passwords, stored one per line.

Note    The dot at the beginning of .htaccess and .htpasswd signify a hidden file on the Linux server, your FTP program may not always be able to see or deal with them. We recommend you follow these steps carefully.
  1. Type the user name in the Folder user name field.
  2. Type the password in the Folder password field.
  3. Click Submit.
Folder user name:
Folder password:
 

.htpasswd

  1. In a text editor, create a file called htpasswd.txt.
  2. Copy the text in the following field and paste it into the htpasswd.txt file. If you need multiple users and passwords, repeat the above submit and paste each entry in, one per line.

  3. Save the file.
  4. Use the FTP program to connect to your web space.
  5. Ensure you are in the top level directory of your web space (ie, directory that your public and cgi-bin directories sit in).
  6. Upload htpasswd.txt.
  7. Rename the file to .htpasswd

.htaccess

  1. In a text editor, create a file called htaccess.txt.
  2. Copy the text in the following field and paste it into the file.

  3. Replace /path/to/ with the full directory path.
  4. Save the file.
  5. Use the FTP program to connect to your web space.
  6. Ensure you are in the directory that you want to password protect.
  7. Upload htaccess.txt.
  8. Rename htaccess.txt to .htaccess
Note
  1. As soon as you rename htaccess.txt to .htaccess, it will start attempting to password protect that directory.
  2. The directives inside a .htaccess file will take effect for the directory you upload it to and any of it's subdirectories. If the .htaccess file is in your www directory, it's directives will apply across your entire site.
  3. When you are testing the password protection, it is common for .htaccess details to be cached by your browser. If it is not working as expected, clear the cache in the browser and test again.
  4. Visit httpd.apache.org for more information on htaccess.

  Find Answers

  Help

User Guide Click the user guide to find out how to use Ilisys online support.

  Contact Us

Ask a Question Submit a question to our support team.

You can also ask a support question from within the Toolkit.
Contact Us If you can't find what you're looking for on our site, give us a call on 1800 995 645.

Monday - Friday
08:00 - 20:00 AEST
Weekends
09:00 - 17:00 AEST

Twitter updates