Domain Website Password Protected Directory

You can use the .htaccess file and a .htpasswd file to password protect any directory on your Domain Website:

  1. Create a directory that you wish to password protect, for instance, example.com/members. In the members directory, create an .htaccess file and open it with a text editor such as NotePad++, TextEdit or Sublime Text. (Important: Please note that a dot . in front of a filename, such as .htaccess, denotes a hidden file. Please make sure that your SFTP client is set to show hidden files.)
    1. Note that files with a . prefix in the name are invisible to the web.
    2. The .htpasswd file is the conventional name for the password file. It may be renamed to something else. Be sure that the name is reflected in the path in the AuthUserFile in the .htaccess file.
    3. Note that there must be content in the directory being protected or you’ll get a “forbidden” error. To test, add a file named index.html to the protected directory with the content below, then open a web browser to http://example.com/members/index.html and you’ll see “Hello World!”.
      Content to add to index.html file:
      <html>Hello World!</html>
  2. In the .htaccess file enter the following. Note the path following webpages consists of the first two letters of the domain name. For example.com those letters are ’e’ and ‘x’. For mydomain.com they would be ’m’ and ‘y’.
	AuthUserFile /services/webpages/\\e/x/example.com/private/.htpasswd
	AuthName "Please Log In"
	AuthType Basic
	Require valid-user
  • AuthUserFile - This is the path (i.e., location) to the .htpasswd file. In this example, the .htpasswd file is in the /private folder in the root (/) directory.
  • AuthName - This is what the user will see when accessing the directory: “Please log in” or “Password required”, etc.
    image of Please log in

  • AuthType - The entry for this is usually Basic.
  • Require valid-user - This means any user listed in the .htpasswd file can log in.
  1. Next, create a .htpasswd file in the Base Web account directory, for example, /public.
  2. Next, you need to add the usernames and passwords to this .htpasswd file; however, the passwords MUST be encrypted. Because this can be a problem for anyone without programming experience,`` it is easiest to use a .htpasswd generator found on the Web: http://www.kxs.net/support/htaccess_pw.html
  3. After generating the necessary usernames and encrypted passwords, make a note of them and enter the usernames and the encrypted form of the passwords into the .htpasswd file:
	john:9v5ZJdZRKYyXg
	jane:Qg4Q2usbXx8YI
	Jill:veDTZKuYdTiU.

Please note that both the username and the password are case sensitive, and that the ones you enter into the encryption tool are the same that you will use to log in to the protected directory.

  1. In your browser, navigate to your password protected directory, e.g., example.com/members. You should be presented with a prompt.
    image of Please log in\
  2. Enter the username in the User Name field and the corresponding password in the Password field and select OK.