Password Protecting Your Website with a .htaccess file: Three Easy Steps

Creating a simple file can substantially increase the security of your website through password protection.

This tutorial will take you through the steps of creating the .htaccess file, which will generate stronger security for your website. The .htaccess is only a file, yet it has the ability to alter server settings; thus, the .htacess file can be used to redirect users automatically, create custom error pages, change file extensions, ban or allow users with certain IP addresses, and most importantly, offer solid and convenient password protection.

In preparing to work with a .htaccess file, there are several steps that will make the overall process much easier.

1. Create a .htaccess file - The creation of a .htaccess file is very easy; you simply need to type the appropriate code into a text editor, such as Notepad or Word. Please note that a problem may occur when you attempt

Note: Microsoft Front Page Warning:
It is best to use extra caution if you are using the Microsoft FrontPage Extensions. The FrontPage extensions make direct use the .htaccess file. Therefore, if you do want to edit it, you should first download the .htaccess file, if available, from your server. Then, at the start of the file, you simply add your code.

Adding password protection to a directory using .htaccess takes two stages.

2. Working with the .htaccess file - First, in the directory you wish to increase security, you need to enter in the proper lines to the .htaccess file. Password protection will then apply to everything underneath the directory.

AuthName "Section Name"
AuthType Basic
AuthUserFile /full/path/to/.htpasswd
Require valid-user

To offer further clarification to the above lines of text please keep in mind the following:

"Section Name" should be changed to the title of the portion of the site you would like to protect, such as "Members Area."

In addition, you need to change the AuthUserFile/full/parth/to/.htpasswd in order to fully reflect the total server path to access the .htpasswd file. Please cotnact your system administrator to obtain this information, if you do not currently know what the full path of your server is.

3. Working with the .htpasswd file - In order to password protect a directory, you need to create a file that holds the passwords and usernames for those individuals who are permitted to have site access. This information should be typed into a file named .htpasswd . Similar to the .htaccess file, .htpasswd does not have any specific file name; rather, it has a eight letter extension. You may place the .htpasswd file anywhere in your website because of the encrypted passwords; however, if you place the file outside of the web root, it would be impossible for anyone to access the information from the web, and thus, your can achieve a higher level of security.

Creating Usernames and Passwords for the .htpasswd file:
After you have created the htpasswd file, you will need to type in the username and passwords that can be used to access the site. The usernames and passwords should be typed in the following format: username:password

Please note that the user name should match the registered user name; however, the password will need to be listed in the encrypted format. To encrypt the password, you can write your own, or you can also utilize available premade script. There is a good username/password service located at http://www.tools.dynamicdrive.com/password/ , which will allow you to enter the user name and password and will output it in the correct format.

For multiple users, simply add extra lines to your .htpasswd file in the same format as the first.

There are many additional free scripts that you may work with to enhance the functionality and usability of the .htaccess file. There is no doubt that this is one of the most useful files a webmaster can use in customizing the functionality of his or her web site.

What Is MSSQL?

MSSQL is a database server created by Microsoft.

MSSQL integrates with the Windows hosting environment and other Windows products like ASP.Net. It is very similar to MySQL but not free.

For hosting companies it often is quite expensive to lease MSSQL so be prepared to pay more for Windows hosting that offers MSSQL. A lot of hosts charge extra for MSSQL as well. I strongly recommend using MySQL which is very similar, free, and can still be used with ASP.Net.

What Is MySQL?

MySQL is a database server that is very popular and free!

It allows you to easily store and retrieve data from a dynamic website or web application. This site runs using PHP and MySQL and a lot of the sites you visit that are very automated use this combination.

On a basic level MySQL is just like Access where you can easily sort through a row or columns. This isn't entirely accurate but if you are having some trouble understanding how it works this is a ruff concept. Scripts like WordPress, PHPNuke, Mambo, etc all use MySQL to store data.

Here are 10 reasons why MySQL is a good choice and why so many people love using it. MySQL runs on just about every operating system including Linux and Windows.

What is Cpanel?

Cpanel is an online control panel that you can use to control your website, email, and even more advanced things like installing scripts. A lot of hosting companies use it so users can create email accounts and other things on their own with ease.

Cpanel Hosts and Cpanel Tutorials
For some recommended hosts that offer it try our cPanel Hosting Guide. Also be sure to visit our cPanel tutorial section if you need some help.

Cpanel Demo
For an online demo of Cpanel go here. Good way to see if you like it!

5 Examples of Things You Can Do In Cpanel
1. Add a new email account.
2. Add password protection to a file or folder.
3. Install blogging software.
4. Check your stats and see how many visitors your site is getting.
5. Edit your html files to make changes through your web browser.
And much much more!

What does Cpanel look like?
Here is an example of what the cPanel menu looks like

What Is DirectAdmin?

DirectAdmin is an online control panel

that you can use to make changes to your hosting and other related settings. It has a zillion options such as creating email accounts, setting up FrontPage extensions, change DNS settings, create FTP accounts, creating databases, and lots more!

For a full list of features go here. It even has an integrated ticket system and is totally customizable via skins and an API. I highly recommend Directadmin as its easy to use and similar to Cpanel and Plesk. For resellers is is nice as it is lower in cost and a good way to differentiate your hosting companies.

What Is Ensim Pro?

Ensim Pro is an online control panel for your web hosting account.

It allows you to easily create and manage things like email, ftp, and other hosting settings. Ensim Pro works with Linux and Windows. For a full list of features and screenshots go here.
Ensim Pro also comes with Power Tools. Power Tools allows your users to easily setup scripts that do content management, forums, chat, e-commerce, etc! There are no public demos of Ensim Pro but on their homepage you can email them to request a demo.

What is Plesk?

Plesk is an online control panel that lets you control your website

and do lots more like install scripts and create email accounts. It is one of the most popular online control panels and has a lot of extra features. You can do things like add email accounts, add ftp accounts, check your webmail, and more!

Plesk Demo
To try a demo of Plesk just go to the official site here. Its a good way to see if you like the feel of the interface.

5 Examples of Things You Can Do in Plesk:
1. Add a subdomain.
2. Create an email account.
3. Create a MySQL database.
4. Edit your html files directly via your web browser.
5. See how much bandwidth and diskspace your site is using.
And more!

What does Plesk look like?
Here is a screenshot of Plesk

Here is the official description of Plesk:

Plesk is a comprehensive control panel solution used by leading hosting providers worldwide for shared, virtual and dedicated hosting. The control panel is designed to simplify the management and administration of web sites. Plesk control panel automates a large number of tasks that allow service providers to reduce operating costs and resources while at the same time increasing profitability, efficiency and customer satisfaction.