With .htaccess it is very easy to password protect a folder or directory. The method is called htaccess password protection or htaccess authentication, and works by uploading two files called .htaccess and .htpasswd in the directory you want to password protect. The htaccess file should contain the following:

AuthType Basic
AuthName "Password Protected Area"
AuthUserFile /path/to/.htpasswd
Require valid-user

You only need to change “/path/to/.htpasswd” with the full path to your .htpasswd. Take a look at my article on how to find the full path using PHP. Next you need to upload the .htpasswd file which contains the username and password to enter the password protected folder. The .htpasswd file should contain:


The above code will allow the user “test” to access the password proteced area with the password “test”. The text “dGRkPurkuWmW2” is a encrypted version of the password. You will need to use a htpasswd generator to create another password. Each line in the .htpasswd file contains a username and password combination, so feel free to add as many combinations as you like.
The automatic way – Use the generator
You can also just use the htaccess authentication generator to create a htaccess file for password protection.