Follow the steps below to Protect a Directory Using .htaccess on Apache level
open .htaccess file AND add below code
Place this .htaccess file inside directory want to password protected. So, you have to place .htaccess file inside each directory want to password protected.
AuthName "Admin Area" AuthType Basic AuthUserFile /path/to/your/directory/where/.htpasswd/file/present require valid-user
Note: you will have to modify 1st and 3rd line from the above code as per your situation.
Change “Admin Area” to any other as per your requirement. This name will be displayed when the browser prompts for a password.
You will later create a file containing usernames & passwords named
.htpasswd. The “AuthUserFile” line tells the Apache web server that where it will find this file.
Ideally, the password file should not be placed inside any directory accessible by visitors of your website. For example, if the home page of your web site is located in “
/home/your-account-name/public-html/” then place your
.htpasswd file outside /public-html/
. In this way you can protect your .htpasswd file from outside world and users can not access that by simply typing h
Another important point I would like to mention here, wherever you put the file, write the full path of that file after “AuthUserFile”. For example, if the directory where you placed the file is
/home/lib/.htpasswd , modify that line to “
AuthType and require
You do not need to modify these two rows.
Link where you can generate encrypted password
Your username & password file need not be named .htpasswd. It can be any other name you wish. You can have multiple username & password in .htpasswd file but per line only one username and password.
Enjoy Restrictions 🙂