How Can I Password Protect My Cloud Sites Website?


You can password protect your website, or any of its directories, through basic authentication using a .htaccess file. PHP must be set as the default technology for a site in order to utilize a .htaccess file. If used on a site where ASP is also an enabled technology, please be aware that this will not protect ASP pages.

Create the .htaccess file

This file sets up the requirement for basic authentication and also points to the file containing a list of authorized users.

  • Open a simple text editor, such as Notepad.
  • Insert the following code:
# The name of the area
AuthName "Name of Password Protected Area"
 
# Type of authentication. Always basic
AuthType Basic
 
# Path to .htpasswd file for the site.
# It's preferable to not have this in any
# of the site's content directories.
AuthUserFile /mnt/Target01/[DDI_ID]/[CLIENT_ID]/[WEBSITE_NAME]/.htpasswd
 
# The requirements to view the site. This
# requires that the browser provide
# credentials matching on of the users in
# the .htpasswd file specified above.
Require valid-user
  • Replace the text inside of the quotation marks on the AuthName line to the name of your password protected area (Ex. AuthName "My Password Protected Directory").
  • The text after AuthUserFile must be changed to match your site's server side path to a .htpasswd file we will create soon. To find the server-side path, see How do I find the server-side path for my site?. (Ex. /mnt/Target01/000000/www.mywebsite.com/web/content/.htpasswd).
  • Save the file as "htaccess.txt" and upload it to the directory you want protected.
  • Rename the file to ".htaccess".

Create the .htpasswd file

This file will contain a list of usernames and password sets. Each line should contain one set and the username and password should be separated by a colon

  1. Open a simple text editor, such as Notepad.
  2. Use a .htpasswd encryption tool, such as the one available at http://www.htaccesstools.com/htpasswd-generator/. This will automatically generate the content for the .htpasswd file.
  3. Copy the output of the encryption tool to your text editor.
  4. Save the file as "htpasswd.txt" and upload it to your site to the path you are pointing to in the .htaccess file.
  5. Rename the file to ".htpasswd".

Following these steps will setup basic authentication password protection to the directory indicated. If you are unable to view the .htaccess and .htpasswd files after you renamed them, you will need to configure your FTP client to view hidden files.



Was this content helpful?




© 2011-2013 Rackspace US, Inc.

Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License


See license specifics and DISCLAIMER