Can someone please help me with how to .htaccess and .htpasswd my website.PLEASE HELP

Yup. It seems complicated at first but is really fairly simple. Here is a basic method for password protecting a folder on your site:

open notepad (or other plain text editor) and type this (no extra spaces each on it's own line:



# Begin password protection #
AuthName "This is the Realm"
Require valid-user
AuthUserFile /home/usr/public_html/path/to/root/.htpasswd
AuthType basic
# End password protection #


Then choose file>>save as..

When the box appears type in the name .htaccess don't forget the "dot" at the front.
In the drop down box (just below where you enter the file name) select "all file types" this way ".txt" will NOT be added to the name. then save it.

Now you need an encoder. There are several around the web. The two best are found atB&T's Tips and Scripts (http://tips-scripts.com) in the right menu bar (you will see a spot to enter a username and password, enter them and click encrypt), a pop up will appear with the hash in is, copy it and paste it into a new notepad document.

Or the one right here at DD Passwords (http://tools.dynamicdrive.com/password/) Same basic steps here.

you will have a code like:



user:$1$PGbCQieL$hbvRHw2fWUtZjb7xgl1uM1


save this the same way as before but as .htpasswd

then upload the .htaccess to the folder you want to protect, and the .htpasswd to your root folder (or somewhere you choose - they can be the same folder, but this isn't recommended).

that's it. A few notes:

in passwd, the username is never encrypted, the colon is always following the username (user: ) the password is encrypted in a non-reversible hash, meaning if you forget the password, you can not ever recover it.

for access:

Next to AuthName what ever is in quotes is what will appear on the box. the "Realm" You can leave it empty ( "" ) or have it say anything you want, like "Please enter your user name and password"

The path next to AuthUserFile is the relative path to the folder that houses the passwd file. public_html may be called root on your server, etc. just make sure it all points to the passwd file and you are set.

Thanks. It seems that when i load these files it password protects my whole site which is not what I want. I have never written scripts or any thing before for a website. When I uploaded the site I did so to public_html folder.I dont realley understand what i am doing .Maybe you could help further. Would you be willing to log in via ftp to have a look and further advise?????

The file will password protect the folder it is in, and any that are below it.

If it is protecting your entire site is is outside the public_html folder, and needs to be moved INSIDE the public_html folder ;)

I can do that for you, but we would help more people (and you wouldn't have to give out FTP info) by keeping it in here.

I av forwarded details of ftp login to you via email.
regards jon