Password Protect Web Page

How do I Password Protect my web page?

To accomplish this, two files are required:

  • .htaccess
  • .htpasswd

The .htaccess file must be placed in the protected directory. Suppose the username who wants to protect his website is "foo" and his/her home directory is "/home/foo". Following is a sample .htaccess file:

AuthUserFile /home/foo/public_html/.htpasswd 
AuthName Toolbox Example 
AuthType Basic
<Limit GET>
require valid-user

You will have to modify the first line, giving the complete path for your .htpasswd file. The bottom three lines indicate that a valid user is required for accessing the website where .htaccess is located. Following is a sample .htpasswd file, each line specifies a userid/encrypted password.


Three ways to generate the password line in .htpasswd are:

  • If you have access to the htpasswd command you can use the below command. The system will ask you to type in the password.
    htpasswd -c /home/foo/public_html/.htpasswd foo
  • You can use perl's crypt function: perl -e 'print crypt("foopasswd",".,5yVOkT.kyRzn")' You can type whatever string you prefer in the second argument.