Advertising disclosure

Hosting Canada is community-supported. We may earn a commission when you make a purchase through one of our links. Read Disclosure.

Password Protection with htaccess

Gary Stevens — Last Updated on February 8, 2024

With .htaccess it is very easy to password protect a folder or directory. The method is called htaccess password protection or htaccess authentication, and works by uploading two files called .htaccess and .htpasswd in the directory you want to password protect. The htaccess file should contain the following:

AuthType Basic
AuthName "Password Protected Area"
AuthUserFile /path/to/.htpasswd
Require valid-user

You only need to change “/path/to/.htpasswd” with the full path to your .htpasswd. Take a look at my article on how to find the full path using PHP. Next you need to upload the .htpasswd file which contains the username and password to enter the password protected folder. The .htpasswd file should contain:


The above code will allow the user “test” to access the password protected area with the password “test”. The text “dGRkPurkuWmW2” is a encrypted version of the password. You will need to use a htpasswd generator to create another password. Each line in the .htpasswd file contains a username and password combination, so feel free to add as many combinations as you like.

The automatic way – Use the generator

You can also just use the htaccess authentication generator to create a htaccess file for password protection.

For additional reviews please see our guide to the Canadian hosting as well as the best VPN. Veuillez consulter nos informations sur hebergement web canada.