OZNET =>  WebSite Hosting ServicesWeb Hosting Support > protect a directory
SiteMenu:
Support Pages
 FTP Procedure
Email Set-up
FrontPage Extensions
Online Hosting Manual
Online Training
Web Hosting
Budget Web Hosting
Business Web Hosting
Business Site Plus
Virtual Private Server
 eCommerce
Domain Forwarding
Digital Certificates
Domain Registration
 Australian Domains
 International Domains
Web Site Services
 Design
 Promotion
Search Engine Ranking
User Policy

Hosting Site Map

 How do I protect a directory with .htaccess?
If you have a folder on your website that contains sensitive or restricted information, you can password-protect it to prevent unauthorized visitors from seeing its contents. There are two ways to password protect folders/directories on your website. We recommend the Folder Password Protection tool in the control panel for most users. If you are familiar with htaccess files, you can also edit them manually.

Using the Control Panel Tool
In your PlusMail Control Panel, click on Site Manager. Pick the directory you want by clicking next to it, then click the protect button. Follow the on-screen directions to specify usernames and passwords associated with that directory.

Manual Method
In the directory you want to protect with http authentication, create or upload a file called: .htaccess (include the "." before the "htaccess").

Files that begin with a dot are hidden from regular file listing (ls) commands. To see files that begin with a dot, do a complete file listing command (ls -al)

In that .htaccess file, have the following 4 lines:
AuthType Basic
AuthName "Description"
AuthUserFile /home/yourID/www/[file]
Require valid-user
For example, if your domain was example.com, then the 3rd line would read:

AuthUserFile /home/example/www/userlist

Then to create your password file so that its filename matches what you put as [file] in the .htaccess file. Do this at the Shell Prompt:

htpasswd -c filename username

For example:

htpasswd -c userlist user1

Then you will be prompted twice for the password. If you just want to add another user to an existing password file, or change a password for a user already in the file, then leave off the -c option. Type "htpasswd" by itself to see all the options.

You can also delete the .htaccess file from the command prompt by typing:

rm ../www/[directory]/.htaccess
(where /www/[directory] was the directory that you put the .htaccess file in to begin with).

When using the htpasswd command, if you see an error "Cannot create temporary file", then create a "tmp" subdirectory in your home directory with your ftp program or from the command prompt like so:
cd
mkdir tmp
Note: if you try to use a .htaccess override on an Apache server that has these overrides disabled you will get a 403, Forbidden error.

Pay with any of these cards

OZNET®  is a Registered Trademarks of Oznet Internet Services Pty Ltd.
© 2003 All rights reserved.

Oznet Internet Services Pty Ltd.
Web Hosting Service Provider 
 Sydney,  Australia
ABN 66 091 971 587
Phone: (+61 2) 9318 2188
Fax: (+61 2) 9318 0475
E-mail: