Resources & Services: Computing
Using .htaccess to protect web content
The apache webserver on the server has a built in function that allows users to protect folders with a id/password.
Create the htaccess file
In a simple text editor, create a file called .htaccess. In this file type:
AuthName "Your Title"
AuthType Basic
AuthUserFile /server/documents/path/to/site/.htpasswd
require valid-user
Place this file in the folder which you wish to protect content. Make sure you have the path to the .htpasswd file correct or your authentication attempts will fail. Example: if you web site address is:
http://online.caup.washington.edu/courses/Arch101
The path to your .htpasswd file will be:
/server/documents/courses/arch101/.htpasswd
Note this will also protect all files in subdirectories of this folder. Navigate to this folder using a web browser to verify the server prompts you to login.
Next you will need to create the htpasswd file. To do this log into the server from a command line application (tutorial). Navigate to the folder that you have placed the .htaccess file in and type the following:
htpasswd -c .htpasswd username
New password: ********
Re-type new password: ********
Adding password for user username
You have now set up password protection on this folder and all its contents. Navigate to this folder using a web browser to verify the login/password are working correctly.