If you are running an apache server password protecting directories is fairly simple. There are plenty of generators that will help you generate all of the code that you need to place into your .htaccess and .htpasswd files.  This can be useful to hide content that you don’t want people to yet, or at all. This also allows you to only allow specific people access to certain areas of your web site.

First you need to start by editing your sites .htaccess file. The link below can help you generate the code, but for the most part it should look like this:

AuthUserFile /path/to/your/.htpasswd
AuthGroupFile /dev/null
AuthName Please enter a password to gain access
AuthType Basic

.htaccess password generator

The AuthName is what will display in the password box that pops up when you try to access the protected directory.  Now that you have that you will need to create the actual password file. This is usually named .htpasswd or can be changed to something a little less common as long as you reference it in the .htaccess file.

You can generate the encrypted password for the .htpasswd file by going to one of the generators and putting in the user and the password you would like to use. It will then give you a line that looks something like this:


Password Generator

Adding this to your .htpasswd file will grant the user admin permission to view that site. I haven’t seen a limit hit on how many users can be added. I imagine that if you add to many it may slow the authorization process down a bit. To add other users just make sure that each user and password are on a separate line.

A tip for choosing the password is that it won’t work with any special characters. This means no $%^&*!@# in your password. It will work with capitol letters and numbers so you can still make a fairly secure password.