Password protecting your web site

When designing your Web page or site, you might want to restrict access to the page or part thereof. For example, you may have a members only section of your site or perhaps a download section containing files you would like to be acessible by a limited circle of people. The best way to do this is to apply username/password based access restriction to your Web page/site.

The following procedure is not 100% secure, however it will prevent the average person from accessing the section of your site that you choose to protect.

To password protect a section of a Web site hosted by Vicnet, you need to create two files named:

• .htaccess
• .htpasswd

Creating a .htaccess file

1. Open your favourite plain text editor such as Notepad if you use Windows or SimpleText on the Mac and create a new file named htaccess.txt
2. Type the following into the htaccess.txt file:
   • Replace "Prompt Text" with a short message describing the section of your site that you are protecting e.g. "Members Only". This phrase will be cut short if too long so make sure it is brief.
   • Replace path with your site's full directory reference on our server...
     • For http://home.vicnet.net.au/~jcitizen/ customers this is /home/homevic/public_html/jcitizen
     • For http://www.yourdomainname.com.eg/ the path will be /home/jcitizen

AuthName "Prompt Text"
AuthType Basic
AuthUserFile path/.htpasswd
require valid-user

Image may be NSFW.
Clik here to view.

For example, if you were the Web designer for http://home.vicnet.net.au/~jcitizen/ you would upload an htaccess.txt file into a directory such as /public_html/members/. The htaccess.txt file would look something like this:

Image may be NSFW.
Clik here to view.

3. Save your htaccess.txt file
4. Using an FTP program, upload the htaccess.txt file in ASCII or TEXT mode into the directory you wish to password protect
5. Within your FTP program, rename the file from:

htaccess.txt

to:

.htaccess

Note: If you cannot see these files after renaming them, your FTP program is not configured correctly. Please ensure your FTP program is configured to show hidden files.

Creating a .htpasswd file

1. Go to the Vicnet htpasswd encoder page

Image may be NSFW.
Clik here to view.

2. Within the Input box, enter each username:password combination that you want to be allowed access to your site. e.g.

paul:footy
andrew:gamer
anthony:linnix

Usernames must be unique and should not contain any special characters like colons, quotes, semicolons etc.

3. Click the Encode button

Image may be NSFW.
Clik here to view.

4. Select the contents of the Output box
5. Copy the contents of the Output box
6. Open your favourite plain text editor such as Notepad if you use Windows or SimpleText on the Mac and create a new file named htpasswd.txt
7. Paste these username:gibberish combinations into your htpasswd.txt file
8. Save your htpasswd.txt file
9. Using an FTP program, upload the htpasswd.txt file in ASCII or TEXT mode into the directory above your /public_html/ directory

10. Rename the file from:

    htpasswd.txt

    to

    .htpasswd

    i.e. Nothing should precede the "." and there should not be any filename extension such as .txt or .doc

Congratulations, your Web directory should now be password restricted! To remove the restriction, remove the .htaccess file in the directory that's restricted.