One of the standard tasks that is solved by using .htaccess is to restrict access to a specific directory on the server. For example, you need to give access to a certain directory to individual visitors, providing them with a unique login and password.
In the directory to which we want to restrict access by password, create a file .htaccess with the following directives:
AuthType Basic
AuthName "Some Name"
AuthUserFile /home/uXXXXX/.htpasswd
require valid-user Path /home/uXXXXX/.htpasswd indicates the full path to the password file on our server's disk. If, for example, you put the file .htpasswd (it will contain passwords) in the home directory where you get to the server via FTP, then the path to this file will look like /home/uXXXXX/.htpasswd, where uXXXXX is the name of your virtual platform (for example, u12345).
In the AuthUserFile directive, specify the absolute path to the file with usernames/passwords, which we will create a little later. If you create a .htaccess file on your computer, and not immediately on the server using a text editor, note that .htaccess must be transmitted via FTP strictly in text (ASCII) mode.
Creating a password file. The password file must contain strings like login:password. The password must be encrypted using the MD5 algorithm. One of the ways to create such a file is to use the program included in the Apache — htpasswd package (on our server it is located in the /usr/local/bin/ directory, the full path is /usr/local/bin/htpasswd).
Let's look at how to create a password file in unix shell directly on the server. Let's go into the shell and execute the following commands:
htpasswd -mbc .htpasswd user1 sNQ7j9oR2w
create a new file .htpasswd, to which we add an entry for the user user1 with the password specified in the command line. Please be sure to replace sNQ7j9oR2w with any own password — this password is specified here only for example
htpasswd .htpasswd user2
we add the user user2 to the already existing file .htpasswd, and enter the password manually in response to the corresponding request of the program
If you are using Windows and do not want to use unix shell to generate passwords, you can download the Windows version of htpasswd here and create a file with passwords on your computer, then upload it to the server. If you already have the Windows version of Apache installed, file htpasswd.exe can be found in the Program FilesApache GroupApachebin directory.
So, get htpasswd.exe and use it to generate passwords this way:
htpasswd.exe -mc .htpasswd user1
creating a new password file htpasswd.exe , the password and its confirmation will be requested interactively
htpasswd.exe -m .htpasswd user2
adding the user user2 to the existing password file htpasswd.exe by requesting the password interactively
After the end of the establishment of all logins, the file must be uploaded to the server.
