Password protection using .htpasswd

Posted in February 2012 by under sysadmin

I often have to look up simple things that really I should be able to remember. One of those things is setting up password protection using .htpasswd on apache.

Create a file called .htpasswd using the htpasswd command

htpasswd -c .htpasswd richard

Then enter the password when prompted. If you want to add users to an existing file, you don't need to use the -c flag.

htpasswd .htpasswd another_user

Then to make apache require a username and password, add the following to the .htaccess file in the root of the directory being protected

AuthUserFile /full/path/to/.htpasswd
AuthGroupFile /dev/null
AuthName "Protected Directory"
AuthType Basic

require valid-user

That is all there is to it.