To password protect an individual file:
- Create a file named .htpasswdand place it above your root directory, so visitors can't access it.Create an encrypted password using either a utility such as the command line program htpasswd or an htpasswd generator. It doesn't matter how many individual files you wish to protect; they can all share a common .htpasswd file.
- Example of the root directory pathway for shared accounts : /home#/cpanelusername/.htpasswd
Note: Replace the # with the number that is reflected in your file manager's home directory
- Example of the root directory pathway for reseller, vps and dedicated server accounts: /home/cpanelusername/.htpasswd
- Example of the root directory pathway for shared accounts : /home#/cpanelusername/.htpasswd
- Create an encrypted password using either a utility such as the command line program htpasswd or an htpasswd generator. It doesn't matter how many individual files you wish to protect; they can all share a common .htpasswd file.
- Right click on the .htpasswd file and select the Code Edit option.
- In the popup that appears, click the Edit button.
- Place the generated .htpasswd information into the .htpasswd file.
- Click on the Save Changes button.
- Click on the Close button.
- Navigate to the directory where the file(s) that you would like to password protect lie.
- If an .htaccess file does not exist in the directory already, create one.
- Right click on the .htaccess file and select the Code Edit option.
- Insert the following code into the .htaccess file:
<FilesMatch "examplefile.extension">
AuthName "Member Only"
AuthType Basic
AuthUserFile /home/cpanelusername/.htpasswd
require valid-user
</FilesMatch>
Be sure to replace replace examplefile.extension with your file's actual name and replace cpanelusername with your actual cPanel username. - Click on the Save Changes button.
- Click on the Close button.
This will protect the specified file, while leaving all other files in the folder unprotected.
WordPress and Password Protecting Files
WordPress can have some minor conflicts with password protecting files due to the changes in the .htaccess rules. If you are experiencing issues with this, please refer to the following article:
- WordPress Preventing Password Protection
The following article will provide instructions for password protecting a directory in WordPress and resetting the permalinks once that has been done. This will involve editing the .htaccess file. Please review the following article for further information regarding how to edit your .htaccess file.
Edit .htaccess File
-
Edit the .htaccess file in your WordPress home folder (public_html) and remove the line of code shown in bold below:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngineOn
RewriteBase/
RewriteCond%{REQUEST_FILENAME}!-f
RewriteCond%{REQUEST_FILENAME}!-d
RewriteRule./index.php [L]
</IfModule>
# END WordPress -
Replace that line with this new line:
RewriteRule.//index.php [L]The final code snippet will look like this:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngineOn
RewriteBase/
RewriteCond%{REQUEST_FILENAME}!-f
RewriteCond%{REQUEST_FILENAME}!-d
RewriteRule.//index.php [L]
</IfModule>
# END WordPress -
Save your changes.
Reset Permalinks
- From the left-hand navigation menu in WordPress, click Settings > Permalinks. Note the current setting. If you are using a custom structure, copy or save the custom structure somewhere.
- Select Default.
- Click Save Settings.
- Change the settings back to the previous configuration (before you selected Default). Put the custom structure back if you had one.
- Click > Save Settings.
This should reset the permalinks and prevent any posts or pages from returning a 404 Page Not Found error. You should now be able to password protect a subdirectory.
Password Protect Multiple Files
You can protect more than one file by using wildcard names. On the FilesMatch line in the previous .htaccess code example, try one of the directives below:
-
<FilesMatch "*.html">
-
<FilesMatch "file.*">
-
<FilesMatch "*.*">
