Password Protect Web Page

 Back to Technical FAQ
How do I Password Protect my web page?

To accomplish this, two files are required:

  • .htaccess
  • .htpasswd
The .htaccess file must be placed in the protected directory. Suppose the username who wants to protect his website is "foo" and his/her home directory is "/home/foo". Following is a sample .htaccess file: 
AuthUserFile /home/foo/public_html/.htpasswd 
AuthName Toolbox Example 
AuthType Basic
<Limit GET>
require valid-user
</Limit>
You will have to modify the first line, giving the complete path for your .htpasswd file. The bottom three lines indicate that a valid user is required for accessing the website where .htaccess is located. Following is a sample .htpasswd file, each line specifies a userid/encrypted password. 
foo:.5yVOkTkyRzn
Three ways to generate the password line in .htpasswd are:
  • If you have access to the htpasswd command you can use the below command. The system will ask you to type in the password.
    htpasswd -c /home/foo/public_html/.htpasswd foo
  • You can use perl's crypt function: perl -e 'print crypt("foopasswd",".,5yVOkT.kyRzn")' You can type whatever string you prefer in the second argument.


Department of Computer Science • Stony Brook University, Stony Brook, NY 11794-4400 • 631-632-8470 or 631-632-8471

 Stony Brook University Home Page    |    Search Stony Brook   |   SOLAR