Password Protect with .htaccess and .htpasswd

With .htaccess and .htpasswd we can protect even individual page or file on webserver. To password protect an individual file:

  1. Create a file named .htpasswd and place it above your root directory, so visitors can’t access it.
    • Example of the root directory pathway for shared accounts : /home/cpanelusername/.htpasswd
    • Example of the root directory pathway for reseller, vps and dedicated server accounts: /home/cpanelusername/.htpasswd
  2. Create an encrypted password using either a utility such as the command line program htpasswd or an htpasswd generator. It doesn’t matter how many individual files you wish to protect; they can all share a common .htpasswd file.
  3. Right click on the .htpasswd file and select the Code Edit option.
  4. In the popup that appears, click the Edit button.
  5. Place the generated .htpasswd information into the .htpasswd file.
  6. Click on the Save Changes button.
  7. Click on the Close button.
  8. Navigate to the directory where the file(s) that you would like to password protect lie.
  9. If an .htaccess file does not exist in the directory already, create one.
  10. Right click on the .htaccess file and select the Code Edit option.
  11. Insert the following code into the .htaccess file:
    <FilesMatch "examplefile.extension">
    AuthName "Member Only"
    AuthType Basic
    AuthUserFile /home/cpanelusername/.htpasswd
    require valid-user
    </FilesMatch>

    Be sure to replace replace examplefile.extension with your file’s actual name and replace cpanelusername with your actual cPanel username.

  12. Click on the Save Changes button.
  13. Click on the Close button.

This will protect the specified file, while leaving all other files in the folder unprotected.

Password Protect Multiple Files

You can protect more than one file by using wildcard names. On the FilesMatch line in the previous .htaccess code example, try one of the directives below:

  • <FilesMatch “*.html”>
  • <FilesMatch “file.*”>
  • <FilesMatch “*.*”>

Password Protect a Folder

Insert the following code into the .htaccess file:


AuthName "Member Only"
AuthType Basic
AuthUserFile /home/cpanelusername/.htpasswd
require valid-user

Want me to do this for you? Drop me a line: itgalaxyzzz {at} gmail [dot] com