Home > Administrative Offices > Information Technology > Web Services > Resources For Web Authors > Password Protection

Using .HTAccess

.htaccess files allow one to create custom web server configurations on a directory level. One common use of the file is to require a username and password to access a site. Creating such a file requires shell access to the web server such as SSH or telnet.

Remember that this process protects an entire directory, not just specific files in a directory.

Here are the contents of the .htaccess file. Text below in bold green must be customized for the user's specific application. Typically, the path is available via the pwd command in a terminal shell.

AuthUserFile /path/to/authenticator/file/.htpasswd
AuthGroupFile /dev/null
AuthName ByPassword
AuthType Basic

<Limit GET>
require user username
</Limit>

In the directory where generating the password, use the command:

/opt/csw/apache2/sbin/htpasswd -c .htpasswd username

The application will ask for the password and a confirmation of the password. It will be necessary to use this command for each additional user created.