Password Protect a Directory with Apache .htaccess

View all our .htaccess Cheatsheet snippets here

First you need to create a .htpasswd file somewhere in the system. Run the following command at the command line:

htpasswd -c /home/hidden/directory/here/.htpasswd the_username

Then you can use it for authentication. In your .htaccess file you need something like the following code, but make sure the AuthUserFile is the file path to the .htpasswd you just created. You should keep the .htpasswd in a directory not accesible via the web. So don't put it in your /public_html/ or /www/ directory.

AuthType Basic
AuthName "Password Protected Dir Title"
AuthUserFile /home/hidden/directory/here/.htpasswd
Require valid-user

Remember that for most rules you must have the RewriteEngine on rule in your .htaccess file!!!

Please remember to double check and verify any rules that you use. If you do not understand a rule please consult someone who does. Or if you are new, please take time to learn the basics of .htaccess. We accept no responsibility for your use of these rules - use them at your own risk. Please get in touch if you want us to add a rule!

This website is 100% free and one of the fastest loading .htaccess cheatsheet webpages on the web. It is all on one page, and optimised to help it quickly load and for you to easily find the .htaccess rules you need. Please get in touch if you have any questions.

If you use this please consider linking back to

Based heavily (on its first version) from phanan/htaccess.

Snippets with specified source belong to their respective owners and have their own license(s), whenever appropriate.

Other content belongs to the public domain. Refer to Unlicense for more information.
HomeContact/About usTerms and Conditions • We do not set any cookies on our website. Please refer to our privacy policy for more details about our cookies.