HTAccess How-to

There are essentially two ways to "Apache-protect" your files on the server:

- .Htaccess or .htpasswd protect them

Apache allows .htpasswd protecting using the httpd.conf .. directive, and it allows .htaccess protecting using similar to point to a .htpasswd file located in another directory.

The best idea is to store the .htpasswd file in a location not accessible from a browser, ie not the www directory.

Once the htpasswd file is generated, you can specify its location using either method above and restarting your webserver.

If you use the first method, the code you'll want to use is:

If you use the second, the code you'll want to use in your .confd file is:

AuthType Basic

AuthName "Name of your secure area”

AuthUserFile /fullpath/to/your/directory/.htpasswd

require valid-user

*My conf.d file is located in /etc/httpd/conf/ and php.ini is in /etc/
Htpasswd files simply contain the username and encrypted password in them, as creatable from online htpasswd generator sites.

edit