Contact
Site: US UK AU |

How to password-protect web pages with .htpasswd

How to password-protect web pages with .htpasswd

Overview
This article shows how Nexcess clients can use FTP and SSH to restrict access to web pages to one or more users.

But first...

You need both FTP and SSH access to the server hosting your website. See How to add FTP accounts with SiteWorx and How to enable SSH access for more information.

Method

Attention: Any input in brackets ([username][dev.example.com], and so on) represents a placeholder. Replace the brackets and everything between them with the indicated information. 

  1. Log in using FTP and download your .htaccess file from the folder you wish to protect; for example: 

    /home/username/dev.example.com/html/.htaccess. If this file is not here, you may need to create it.

  2. At the top of the .htaccess file, insert the following:

    Attention: The AuthUserFile path should be the target location for storing your username and password.  We recommend doing this in a location outside of the html folder.

    AuthType Basic
    AuthName "Password Protection"
    AuthUserFile /chroot/home/[username]/[dev.example.com]/.htpasswd
    Require valid-user

    If you wish to block a specific page, you would use <FilesMatch> to limit this to a single page, like so:

    AuthType Basic
    AuthName "Password Protection"

    AuthBasicProvider file
    AuthUserFile /chroot/home/[username]/[dev.example.com]/.htpasswd
    <FilesMatch “[secret.php]”>
    Require valid-user
    </FilesMatch>

  3. Log in with SSH, then use the cd command to change your directory to the target directory for the .htpasswd file:

    cd /chroot/home/[username]/[dev.example.com]/
  1. To generate a new .htpasswd file with one user, issue:

    htpasswd -nb [username] [password] > .htpasswd

    After this, you can use htpasswd -nb command to generate new username and password combinations to add to the .htpasswd file. For example:

    htpasswd -nb [username2] [password2]

  1. The output will resemble the following; copy it to your clipboard:

    [username2]:$apr1$AvsmeS7S$Y.K4zIO6Abgw7zd.Hnq.W/

  1. Using FTP, add the new user as a new line to the existing .htpasswd file. Repeat Steps 5 and 6 for every user as necessary. For example:

    [username]:$apr1$MqnlWasH$zEF0/tORcU2GuRNFMhACj0
    [username2]:$apr1$AvsmeS7S$Y.K4zIO6Abgw7zd.Hnq.W/

 
For 24-hour assistance any day of the year, contact our Support Team by email or through the Client Portal.

Article Rating (No Votes)
Rate this article
  • Icon PDFExport to PDF
  • Icon MS-WordExport to MS Word
 
Attachments Attachments
There are no attachments for this article.
Related Articles RSS Feed
How to use the Nexcess Secure Password Generator
Added on Tue, Jan 15, 2019
How to reset your SSH password and add SSH keys in SiteWorx
Added on Mon, Dec 17, 2018
How to view shared secure data in your Client Portal
Added on Wed, Dec 5, 2018
How to transfer files to a server with SFTP
Added on Wed, May 23, 2018
How to enable SSH access
Added on Mon, Dec 17, 2018
How to create SSH keys in Windows with PuTTY
Added on Wed, Dec 26, 2018
How to secure your ExpressionEngine website
Added on Mon, Jan 14, 2019
How to use two-factor authentication in the Client Portal
Added on Wed, May 30, 2018
How to install OpenVPN
Added on Wed, Dec 26, 2018
How to add SSH keys to your Nexcess Cloud account
Added on Tue, Oct 23, 2018