on air

Password Protect Directory | Members Area.

back home » Scripting Tutorials » .htaccess » Password Protect Directory | Members Area.

Note Carefully For Security Reasons.

For security reasons the .htpasswd file should be uploaded as ASCII. And above your root directory (In a chroot()ed directory), to avoid users having access to it.

Furthermore, the .htaccess file should be placed specifically in the directory you'll like to password protect.

Placing it in your root directory will password protect your entire site, unless you are sure of doing so.

Creating the .htpasswd and the .htaccess files.

You may use a password generator to create both the codes you'll need to use in your files. Copy the generated codes and paste them inside their respective files, or manually rewrite them into notepad. Save and upload them to your server using the uploading technique you learned before.

Note: You'll have to be sure of where you'll place both files. So you can follow their paths using the password generator or manually coding.

The .htpasswd file must contain alphanumeric characters only, without special signs.

See the illustration below.


And the .htaccess file will also look somehow like this.

See the illustration below.

AuthUserFile /usr/local/you/externaldir/.htpasswd
AuthGroupFile /dev/null
AuthName EnterPassword
AuthType Basic

require valid-user

Explaining The Generated Code Above.


Notice, the .htpasswd file's code above is having two parts, and are separated with a colon. The first part is the username, and the second part, the password.

This is the container of all the users you'll like to grant access to your protected directory.

Be extra careful to avoid misplacing them. Note that these parts can contain alphanumeric characters only without special signs. Beware of how you'll use upper, and lowercases.


The AuthUserFile is the most necessary part here. This line contains the full server path to the .htpasswd file you placed outside your root directory (In a chroot(ed) directory). This is the connection between the .htaccess and the .htpasswd files.

The AuthName is the line that contains the description of the dialog box. You can rename it as you'll prefer. (E.g. "InsertPassword", "Password", "EnterPassword" etc...).

They are all right. However, they must be informative for users to know what to do.

The required line is where you'll define, who access would be granted to, either specifically or to multiuser. (E.g. A list of users, club members etc...)

To specify a user the line must read like this: required user coolcsername

To allow multiuser, the line must read like this: required valid-user

The AuthType line is Basic, simply because I'm using the basic HTTP authentication.

The AuthGroupFile line is where you can define the path to alternative group files.

Password Protect Directory Using .HTACCESS.


Man will give you worldly powers, and make you feel on top of all, note this is temporally and could be redrawn at anytime sending you back to the ground floor of life. However, the Lord Almighty, the one and the only rightful ruler of the Universe, blesses everlastingly.


Knowledge is Power, but Power is not Knowledge. Wisdom is the truthful Power that identifies the Knowledge within the man. And only, I repeat 3x. Only the almighty God has the power to bless the man with his Wisdom forever.

To achieve the Lord's blessings, cease not praying daily, asking for his Wisdom, and you'll be blessed abundantly...


Spyera Phone

Spyera Phone version is software that you install on a smart phone to monitor everything happening on the phone. After installation, SPYERA secretly records events (sms, call history, phone book, location, emails, What's App messages, IM, Facebook Chat, Skype, See photos taken and many more...) that happen on the phone and delivers these information to a web account, where you can view these reports 24/7 from any Internet enabled computer or mobile phone. SPYERA also allows you to listen to the surroundings of the target mobile , listen to the phone conversation and to know the location of the device.


Please, Kindly Donate What You Can, Enabling Us Pay Hosting And Domain Costing, And Do More.

Please Donate