Protecting Site Content

.htaccess

You may protect folders using a special .htaccess file. Please be aware however that your password will be sent over the network in plain text unless you have installed a secure (SSL) certificate and have accessed the page using a https:// address.

Sample .htaccess File

AuthName "Secure Realm" AuthUserFile C:\www\username\www.domain.com\protected\.htpasswd Require valid-user

.htpasswd

The .password file contains a list of users and their Crypt() encoded passwords. This is not secure encryption, but it does make it a little more difficult for your passwords to get into the wrong hands. The format of the file is simply username:password for each user on a separate line.

The password MUST be Crypt() encoded otherwise you will be denied access, the tool at the foot of this page allows you to translate your real (plaintext) password into a crypt password. If you click encode a second time you will see that the result is different - this part of the crypt algorithm.

Sample .htpasswd file

test:qssoeR/1q8Tok user:qssoeR/1q8Tok fred:qssoeR/1q8Tok

Username:
Password:
.htpasswd line:

Protecting Site Content

.htaccess

Sample .htaccess File

.htpasswd

Sample .htpasswd file

Crypt Encoder