Password Protect Directory using Htaccess:
Hi Guys ! Protecting your media files from anonymous or unauthorized users is very important for the security .The best and easy way to do it is Using the htaccess .You can password protect your directory Using htaccess .Htaccess uses also another file called htpasswd for this purpose.Htaccess is always a better aproach as you cant protect your files and media ,images etc with PHP .So it is better to lock the directory using the htaccess.and it is very easy to Implement.So we use htaccess method to password protect directory.
So We are going to need two files for this purpose :
htaccess FIle and htpasswd file are required in order to password protect directory with htaccess method.
So first we take a Look at htaccess File.The Htaccess file needs to be in the folder which you want to password protect.and this uses the password file named .htpasswd.which should be kept in the folder where is is not accessible to people.
Password protect Directory using Htaccess ::htaccess File
AuthType Basic AuthName "restricted area" AuthUserFile path/to/.htpasswd require valid-user
The Above is the sample htaccess file .you just need to copy it and paste it to your htaccess file and just change the AuthUserFile location according to the location in your file system.on your server it is according to your server root.
Htaccess File ::Advance Details :
The Above htaccess File is complete pretty much but lets get more speccifi about it if we want to give access to only some user,say we just want to give access to the admin folder to User With Username Raman not any one else.So what we do?Lets Understand how we do it.
Firstly take a look at the line below:
The Line means that give access to all valid users present in the htpasswd file.means could be any user that is entered in our htpasswd file.
SO now take a look at the line below:
require user raman
The above line means that to access certain folder ,the username must be ‘raman’.So we could use either of the line according to our requirements.Thats pretty easy i guess.So if you want that only certain user get access to a folder then replace the line “require valid-user” with the line above with your desired username.
Password protect Directory using Htaccess ::htpasswd File
Now lets take a look at the htpasswd file.htpasswd file contains username and password for the directory in which your .htaccess file is present.the .httpasswd file contains the password in encrypted format .so that it cant be seen by any one and it is irreversible . the .htpasswd file is plain text file you can name it whatever you want but it is suggested to keep .htpasswd as apache is configured to make every file starting with .ht* to protect from public access.here is sample .htpasswd file.it has pair of username password one line each pair.
The above is the sample .htpasswd file.you can generate user username and password pair for your .htaccess file using the htpasswd generator below:
if the htpasswd generator below do not work You can Use the Htpasswd Generator Tool by Design Aeon.
Generate Htpassword File Content
Password protect using htaccess:Common issues with Htpasswd path :
The path is common issue i guess here.most of people do not understand the line what path should write for the htpasswd file.Some thinks it should be web root,it should be relative or absolute.
Let me clear it, its none of it.The path is server root ,the file system.You could find correct path using the ftp program which will give you the accurate path.If you are using local server means testing server then you should give path like that: C:/xampp/htdocs/test/admin/.htpasswd .
And for the server it should be like /home/ramandeep/public_html/htpasswords/.htpasswd. It s quite simple ,but still i think i should elaborate that ,cause i also got in to this path problem sometime.
That’s all ! about the password protect directory using htaccess .I hope you like this post.Thanks for reading article on designaeon.com.keep visiting.