Password Protecting a Directory

Most ISP users can provide password protection for web page directories by following the steps below.

Users are required to telnet to the server in order to create the password file. Those users who are not familiar with UNIX should not attempt this, but should contact someone who knows UNIX for assistance.

1. Telnet to your server

2. Create a password file in a directory outside of your web accessible directories (e.g. don't create the file in your public_html directory) by typing the following at the command prompt:

   htpasswd -c name_of_file name_of_user

   (name_of_file should be something like .secure)

3. You will then be promted to enter and confirm a password for that user

4. Create a file called .htaccess, it should look something like:

           AuthUserFile /usr/users/your_username/name_of_file
           AuthName ByPassword
           AuthType Basic
   
           <Limit GET>
           require valid-user
           </Limit>
           

5. Place the .htaccess file in the directory you want to protect
   (the AuthUserFile line contains the path to the password file you created above)

6. Add additional users as necessary by running htpasswd without the -c switch

7. That's it...when you access your protected directory via a web browser, you should prompted for a userid and password.

For further information, refer to the NCSA HTTPD FAQs.