This short tutorial will explain how to password a folder on a web site. Note this method only works for an Apache server. Note that the folder and its contents, including subfolders, will not be indexed by search engines since it has a password.
First create a .htaccess file as ordinary text files. Make sure there is no .txt at the end. There may already be a .htaccess file on your server so check. Add the following code starting with AuthUserFile to your .htaccess file and modify it to suit your web site.
AuthUserFile /home/content/f/r/e/fred/html/myfolder/.htpasswd AuthGroupFile /dev/null AuthName "Admin Access" AuthType Basic <limit GET POST> require user myfriends </limit>where myfriends (replace with your own) is the login id you want to use.
/home/content/f/r/e/fred/htmlwith your own.
/home/content/f/r/e/fred/htmlThis is known as the DOCUMENT_ROOT in the world of PHP. Since most hosts support php scripting you can create a file called showinfo.php and put the following text into it:
<? phpinfo(); ?>Upload this to your website's home directory and invoke it:
http://www.mydomain.com/showinfo.phpLook for the entry called "DOCUMENT_ROOT".
Ask your ISP if you cannot find the full path.
Create the .htpasswd file as an ordinary text file. Make sure there is no .txt at the end and the filename starts with a dot.
myfriends:bZTGwg.9OWALY
To get the .htpasswd entry you need to generate a password the htpasswd generator tool will generate a cut-and-paste line for .htpasswd file. Remember no breaks at the end of the line.
If you have access to Perl, try this from the command line:
perl -e "print crypt('myfriends', 'abc')"
where the 'myfriends' is the login id and 'abc' can be any sequence of letters or numbers (it is used to initialize the crypt function).
This is Apache's password generator program.
htpasswd -c .htpasswd mylogin
This will prompt you for the password then write out .htpasswd file.
Upload .htaccess and .htpasswd to the folder you want passworded. Some web development programs, such as FrontPage or Expression Web, do not show the dot files in their file list because a file starting with a dot is considered hidden.
Test out the password by trying to access a file in the folder. A prompt for the user id and password should appear.
You are done. Every time someone tries to access the folder or any of its subfolders they will be prompted for a login and password. Note this folder, subfolders, and files in the folders will not be indexed by search engines.