How to Password Protect a Web Page
There are many ways to implement security on your Website via a huge array of scripts and fancy encryption. If you have a Website and wish to secure an entire section or simply just a page this can be done by using htaccess.
What is htaccess?
htaccess is the default name of the Apache directory-level configuration file. The .htaccess file configures the current directory with things like password protection but can also perform a wide range of other useful techniques. For the purposes of this “how to” we will be using .htaccess to secure an entire directory or simply a single web page.
This is useful because you may have a “members only” area which you want to restrict to certain users or perhaps a private area where you have statistics or information you don’t want publicly viewable.
The first step is to create your encrypted user name and password. There are few places which allow you to do this (free of charge of course!)
http://www.4webhelp.net/us/password.php
http://www.htmlite.com/HTA006a.php
Choose a User Name and a Password and then encrypt to receive a string of text similar to this:
dal:20fnCgEGpRopc
This is your encrypted login info.
Next open up Notepad, you can find this by selecting the Windows Start Button followed by “Run” and typing “Notepad” then hit enter and the Notepad text editor should launch.
Now simply copy and paste your encrypted login info into the text file and then save it as “.htpasswd” NOTE: the dot before htpasswd!
Once you have this file saved you need to upload it to your web space. make sure you upload the file in a directory above the “Home” or “public_html” root folder.
Next we need the .htaccess file. This file tells apache which files or folders you want to protect.
Open up Notepad again so you have a new document. The code to protect an entire folder on your site will look like this:
AuthUserFile /full/path/to/.htpasswd
AuthType Basic
AuthName “The Private Folder”
Require valid-user
The section which says “/full/path/to/.htpasswd” needs to be the full path to the folder you wish to protect. If you are unsure of this path you may want to ask your web hosting provider.
The .htaccess file will protect the contents of that folder specified above and all sub folders and content below that folder as well.
If you wanted to simply protect one page your code would like like this:
AuthUserFile /full/path/to/.htpasswd
AuthType Basic
AuthName “The Private Page”
<Files “private.html”>
Require valid-user
</Files>
This would ensure that only the page “private.html” would be protected. Again the correct path to your .htpasswd file must be entered.
Once you have the desired code, save the notepad file as “.htaccess” (Again remember that dot!) and now upload this file to the same directory you wish to protect or which holds the private file.
Now test out your new .htaccess protection by trying to access the folder or file you have protected. You should be presented with a user name and password prompt. Enter your chosen user name and encrypted password which was created earlier i.e. mine would be user: dal password: 20fnCgEGpRopc.
If you have any problems getting .htaccess to work it could be because your host does not support it. Sometimes it’s easy to get this enabled for your site so speak with your web host.
