The following post is aimed to provide security to web directories through password protection, which is on Unix or Linux web hosting servers. You can restrict the access of any particular directory, following process will create a username and password entry whenever someone would try to access the protected directory. This utility is free of cost and just takes about 15 minutes for its configuration.
Configuration of .htaccess file.
At the start, you need to create a .htaccess authentication file, which is important for granting access and other rights to the files in the directory. This short tutorial is about restricting unauthorized persons to view (GET) and uploading (POST) files in the directory.
Approach your favorite editor i.e. Notepad or you can also go for telnet on your web hosting server and choose Unix editor (vi) create a text file using the following code and make sure to keep the path (/var/www/html/private/) of the directory to the exact location where you want to store the usernames and passwords which are to be authenticated. The following code, ‘Protected Directory’, is used as an example name of your authentication window.
AuthUserFile /var/www/html/private/.htpasswd
AuthGroupFile /dev/null
AuthName “My Private Directory“
AuthType Basic
<Limit GET POST>
require valid-user
</Limit>
Save the file created with the above code with the name ‘.htaccess’. Place this .htaccess file into the directory which you want to be protected. If the file is created on a local system then you can use ftp to get the file into the directory and if you have used a Unix editor (vi) then you can use ‘mv’ command to move the file to your desired directory.
Important Note:- the exact path of .htpasswd file is very important, if you are confused about it then you should contact your web hosting provider. When a .htaccess file is placed into a particular directory then it also restricts access to the subdirectories placed in that particular directory.