Password Protecting a Directory using .htaccess & .htpasswd

In this short and easy guide we will be explaining how to password protect your directories using a .htaccess and a .htpasswd file.

Steps to take

  1. Create a file named passwordhash.php and add the following code to it:
  2. <?php
    // Password to be encrypted for a .htpasswd file
    $clearTextPassword = 'your_password_here';
    // Encrypt password
    $password = crypt($clearTextPassword, base64_encode($clearTextPassword));
    // Print encrypted password
    echo $password;

    Where your_password_here is replaced with the password you wish to use.

  3. Upload the file to your domain via FTP
  4. Visit the page you just created and make a copy of the hash.
  5. Open a text editor such as Notepad++ and add the following: user_name_here:hash_here
  6. Your .htpasswd contents should look similar to the following


  7. Save the file as .htpasswd (Please ensure that you have the file type set to All types) and upload it to your domain via FTP.
  8. If you don’t already have one, create an .htaccess file and upload it to your domain.
  9. Add the following contents to the file:
  10. AuthType Basic
    AuthName "Password Protected Area"
    AuthUserFile /hsphere/local/home/YOUR_ACCOUNT_USERNAME/YOUR_DOMAIN/.htpasswd
    Require valid-user

    Replacing YOUR_ACCOUNT_USERNAME & YOUR_DOMAIN respectively.

  11. Delete the passwordhash.php you created earlier on.

That’s it, visiting your domain should now prompt you for a username and password

As always, please leave us any questions in the comment section below.

Rate this post 1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

This entry was posted in General, htaccess and tagged , . Bookmark the permalink.

Leave a Reply

Please DO NOT use this form to submit support requests, all information submitted will be PUBLICLY VISIBLE.

Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.