Vous êtes sur la page 1sur 2

Prepared by Asif M.

Khan

How to create a password protected Website

You need two create two files and place them in the folder on your Web-
server where the html files that you want to have restricted authorization
are located (for example, “/home/asif/public_html/asif/”):

1. “.htaccess”

2. “.htpasswords”

The name of the file 1 has to be strictly that (.htaccess) , while for file 2 it
can vary depending on your personal preference. File 1 communicates to
the browser the request for the password and prompts the window for the
user to input the password. Content of file 1:
AuthType Basic
AuthName "Please Enter Your Password"
AuthUserFile /home/asif/public_html/asif/.htpasswords
require valid-user

Explanation:
Line 1 explains that this is a basic authentication type.
Line 2 communicates a message from the owner of the site to the visitor of
the site
Line 3 tells the path of the password file that will be used to check and
verify against what the visitor enters. Since this where you specify the
password file, the owner of the site can specify any name to the password
file, as desired.
Line 4 tells that a valid user is required before entry to the site.

To generate the content of file 2, do the following:

1. SSH to your Unix/Linux server and navigate to the folder where


“.htpassword” is present
2. Type the following command to specify the password for the desired
userid, and generate the encoded version of the password

htpasswd <password file name> <userid>


Prepared by Asif M. Khan

For example:

htpasswd .htpasswords asif

When you execute the above, the console will prompt for the password and
ask you to also re-enter it for verification. If successful, this information will
be encoded and saved in the .htpasswords file. For example:

asif:9Y9NYzAQBDJ/Y

Assuming, you don’t have access to SSH, and only have an FTP client to
transfer the content of the two files from your Windows, how else can u
generate the encoded password? One of the ways is to use the utility at the
URL below (just enter the desired user id and password for step 1 and
submit):
http://tools.dynamicdrive.com/password/

You will be returned with the line to paste in the password file. Copy and
paste it into the password file and upload it to the server using the FTP
client. If you are worried about submitting your user id and password to this
site, then just type any fake userid, because what you really need is just the
encoded password, and the correct userid, you can type it yourself in the
password file. If you are using Mac OSX, you can execute the command
below directly on the system, using the Terminal, without being logged to
the Unix/Linux server, as Mac OSX is a Unix-based OS.

htpasswd <password file name> <userid>