36 comment

1. is there any similar resource for setting this up on windows?

2. Do you want information for Apache or IIS server?

3. When i provide the username & password, it works fine. But when i try to again access something from the same location in the same browser , it does not promt fot the username & password.
   How can i do that?

4. alka,

   Browser remembers your password/username for current running session. If you close browser it will again prompt for the same.

   HTH

5. I want use the Password Protect Directories for add user in automaticly whit a simple FORM PHP … Tanks for your good services :P

6. Nice write-up. From the windows server standpoint running apache, check out http://www.groovypost.com/howto/apache/password-protect-apache-website/

7. Thank you for great tips.
   I did as said in here and it works great.
   But, I have a question.
   The password length that works is only max 8 char.
   In other words, all I have to enter is the first 8 char for the password. After 8 ch, the characters are ignored.
   Is there any way to increase the password length?

   Thank you very much

8. jason,

   You need to change password backend to mysql or ldap.

9. Have the same problem with 8-char password, but didn’t found the solution. Is there any way to fix it, please, explain more detailed.

10. I’ve gone through these steps on Ubuntu Hardy twice and it still doesn’t work for me. Is there something I’m missing?

11. try htpasswd -m … ;) (and man htpasswd for more)

12. Sweet! Instructions worked great on my freebsd box. I am curious though: Why did you choose put the file in /home/secure/, instead of a etc directory? I followed your recommendation and made /home/secure/ and it works fine. I was just wondering if there was a reason one should not put it in /etc or /usr/local/etc/ ?

13. ThanXx very much m8 ..its work great ..

14. Change directive
    Require user vivek
    to
    Requre valid-user

    will allow all users in the password file to access.

15. And now I figure it out. Thanks :)

16. ive followed the above instructions but when i try to open the site its giving me errors like “The website declined to show this webpage ,This website requires you to log in.” this what am getting in the httpd error logs “[error] [client XX.XX.XX.XX] client denied by server configuration: /var/www/html/site1/”

17. Just a quick note to say thanks for the post. I’m developing a website on a new VPS with Rackspace. My existing host provider, HostGator, provides a web interface for configuring .htaccess files in protected directories. However, after I installed the my chosen Linux distro (Ubuntu 10.04) I had to install LAMP. So, basically, I’m working from the command line in a bare bones server.

    This post helped me configure password protection on my new bare bones server. Thanks again!

18. awesome!!!! this works so well for me. I made multiply accounts for Secured directory and now are secured. Vivek you are the man thank you!

19. Vivek everything works well on my box now… i made multiplier accoutn for diffrent directory with out a problem…my question is how can now make multiplier user id to access the same directory? I like to make about 5 user id in case one of the users id needs to be deleted or disable etc…

    Thank yuo for your help!

20. Set up SSL on apache2 Ubuntu. WOrks fine and prompts for password using http: but when you go the web server using https it does not prompt for a password. What configuration setting could be doing this?

21. Awesome article. Saved hours for me !

22. Thanks a lot! :) worked like a charm for me!

    Didn’t have to change the user privileges for the file though.

23. You can add option “s” to make the password using SHA instead of the default crypt which only allow eight (8) characters long passwords.
    The command becomes:

    # htpasswd -cs /home/secure/apasswords vivek

    You will notice that the file now has {SHA} in password line.

    If you want too add user to already created file, remove the c options

24. How do I add additional users? Every time I try it tells me it works but then I can’t use the new credentials to log in.

25. For some reason I don’t seem to be able to make it work. I have made all the settings, in cPanel I can see that the folder is password protected and I have a username but when I access the folder via http, it returns a 404 error. Why is that?

26. Vivek, It worked the first try!!!
    Thank You very much

27. hi team,

    i have setup apache password protect but not able to login with user which i have crteated

    plz help

28. Thanks man that’s was very helpful ^^thanks a gain

29. Thanks this tips are very used to me, its all are working in my box and saved my time also.

30. very helpful..worked fynn…thanks alot.. :)

31. Hi Vivek,

    I followed all the steps.. Now when I open apache link, it is asking username and password, if I enter the username and password, it does not take it.. Just keep asking..

    Please help me..

    Thanks

32. very helpful!! really good stuff about security!!!

33. can we block specific user from perticular ip address in apache?
    how can we do that?

    Thanks & Regards
    Vinay Gupta

34. How do I get different user names and passwords for different sub-directories ? I have multiple sites arranged like this: /site1, /site2, and so on. The problems are: (1) Once my computer logs into one of these sites, additional browser sessions on my computer can access any of the other sites without having to login, (2) Once I have connected to multiple of these sites, logging out from any one of them logs me out from all of them. I need them all to be independent of one another.

    1. Some of my text was left out. All of these sites are on the same server and have the same document root.

    2. I cannot get the username and password page shown above, the one in docs, to display. Is there another location ?

    Still, have a question? Get help on our forum!