Password Protect a Directory with Apache .htaccess

View all our .htaccess Cheatsheet snippets here

First you need to create a .htpasswd file somewhere in the system. Run the following command at the command line:

htpasswd -c /home/hidden/directory/here/.htpasswd the_username

Then you can use it for authentication. In your .htaccess file you need something like the following code, but make sure the AuthUserFile is the file path to the .htpasswd you just created. You should keep the .htpasswd in a directory not accesible via the web. So don't put it in your /public_html/ or /www/ directory.

AuthType Basic
AuthName "Password Protected Dir Title"
AuthUserFile /home/hidden/directory/here/.htpasswd
Require valid-user

Remember that for most rules you must have the RewriteEngine on rule in your .htaccess file!!!

Please remember to double check and verify any rules that you use. If you do not understand a rule please consult someone who does. We accept no responsibility for your use of these rules - use them at your own risk. Please get in touch if you want us to add a rule!

This website is 100% free and one of the fastest loading .htaccess cheatsheet webpages on the web. It is all on one page, and optimised to help it quickly load and for you to easily find the .htaccess rules you need. Please get in touch if you have any questions. We will soon offer this page as a pdf download.

If you use this please consider linking back to http://htaccesscheatsheet.com/

Based heavily (on its first version) from phanan/htaccess.

Snippets with specified source belong to their respective owners and have their own license(s), whenever appropriate.

Other content belongs to the public domain. Refer to Unlicense for more information.
HomeContact/About usPHP's DomDocument CheatsheetTerms and Conditions • We do not set any cookies on our website. Please refer to our privacy policy for more details about our cookies.