.htpasswd help please...

in Genius Bar edited January 2014
I've read there is a way to use the .htpasswd file to password protect a folder on a web server. Anyone know how to do this? Please.

Thanks much,



  • Reply 1 of 2
    .htpasswd is the file where you store the passwords. To actually password protect the directory, you typically create a file called .htaccess and place it in the directroy you wish to protect. Open up a terminal and a text editor and I'll briefly go over it...

    First create a new text file named .htaccess. This file will appear hidden in the Finder, so I usually don't put the "." in and just add it once I upload it to the server. In this file, it should look something like this...


    AuthUserFile /home/m3djack/.htpasswd

    AuthGroupFile /dev/null

    AuthName SecureSite

    AuthType Basic


    require user cpns



    Now, you want to upload this to the directory you wish to protect. Quickly, what the variables mean...

    AuthName is the name of the protected area that people see when the prompt comes up.

    AuthUserFile is the path to the password file.

    You don't really need to worry about the other variables for this basic example. Now, presumably on the server you are installing this on, you want to run the following command in the terminal. Alternately, you can run the command on your OS X command line, and upload the file it generates.

    [code]htpasswdÂ*-cÂ* /home/m3djack/passfilenameÂ*username </pre><hr></blockquote>

    The path "/home/m3djack/" is where it is going to save the password file. This is the same file referenced in the aforementioned AuthUserFile variable. passfilename is the name of the file the program htpasswd is creating. For this example, you want to set that to: ".htpasswd". Finally, username is the name of the user you want to have access to it. This would be the name they give when they are prompted to enter the secure area.

    So to create a password file for user: m3djack we would type...

    [code]htpasswdÂ*-cÂ* /home/m3djack/.htaccess m3djack </pre><hr></blockquote>

    It should be noted that you can actually do a *lot* of cool stuff with .htaccess. You can reject and allow certain IP ranges, ban people from your site or directories, set custom error pages for your site (for like 401, 404, etc)etceteras. Do a search on google for .htaccess tutorial. There is actually a lot, so it is futile to go into it here

    [Edit: Grammatical mistakes.

    [ 11-25-2002: Message edited by: M3D Jack ]</p>
  • Reply 2 of 2
    a@rona@ron Posts: 201member
    Thank you very much for taking the time to write all that out.

Sign In or Register to comment.