Password Protect a Folder or File on your Website
- What You Need
- Access The Password Protect Directories Tool
- Protecting a Directory
- Protecting a File
- Adding A User
What You Need
You will need the following items to complete this walkthrough.
- The username and password to your Bluehost account.
- The path and name of the folder you want to protect with a password.
Access The Password Protect Directories Tool
- Log in to your Bluehost account.
- On the left side menu option, click Advanced.
- Under the Files section, click on Directory Privacy.
- Log in to your Bluehost control panel.
- Make sure you are on the cPanel tab at the top of your account.
- Scroll down to the Security group of icons and click on Directory Password.
Protecting a Directory
- Navigate the folder structure and select the directory you want.
NOTE: To open a folder and see its contents click the folder. To select a folder for password protection, click on the folder name.
- Choose the Password protect this directory option.
- Enter the name for the directory; this will appear whenever someone accesses the directory.
- Click Save.
When you Password Protect a directory, the system will place configurations into a file called '.htaccess'. This file will be located in the folder that you protected.
In the .htaccess file will be statements such as the following:
AuthType Basic AuthName "Restricted Area" AuthUserFile "/home/[username]/.htpasswds/public_html/passwd" require valid-user
You will now need to modify the .htaccess file so that it applies the statements to a specific file. This is done with the following tags:
<Files [filename]></Files >
In this example, we will protect the file 'secure.html'. This is done by modifying the .htaccess statement as follows:
<Files secure.html> AuthType Basic AuthName "Restricted Area" AuthUserFile "/home/[username]/.htpasswds/public_html/passwd" require valid-user </Files>
This can also be used to protect multiple individual files in a directory, the method is very similar, however, this time use Apache’s
FilesMatch directive. This allows us to list as many files as needed:
<FilesMatch "(secure\.html)|(secure\.txt)"> AuthType Basic AuthName "Restricted Area" AuthUserFile "/home/[username]/.htpasswds/public_html/passwd" Require valid-user </FilesMatch>
Note: To add files, include more instances of “|(filename\.ext)”.
Adding A User
- On the Password Directories page, scroll down and until you see Create user. Add a username in the provided text box.
- In the password boxes, type the password you would like the user to have.
- Click the Add or Modify The Authorized User button.
The folder you selected will now require a username and password to gain access. You can use the username and password you created to gain access.