Here's a breakdown of what each file consists of, followed by directions on creating the files:

The .htpasswd file is a list of usernames and passwords that you have chosen to give access to your private Web folders.  You can add and delete any number of people to this list.

The .htaccess file is the file that tells the server "This directory is password-protected."  The .htaccess file will not allow anyone on the Web to view the page unless they enter a valid username and password.

Creating the .htpasswd file

The .htpasswd file usually looks something like this:

johndoe:CdncECCAyEzTw
students:Cd14/h7NgCduU

The first field (before the colon) is the username, and the second field (after the colon) is the encrypted password.  Don't worry about the fact that the password is encrypted; there's a utility below that will translate your text password to an encrypted version.

To create the .htpasswd file, open up a blank text document in a text editor (e.g., NoteTab, Notepad, WordPad).

Next, you add entries to the file; you can add any number of entries. To create a new entry, use the HGSE Web site Password Protection Utility. Enter each username (composed of numbers and upper/lowercase letters only) and password that you want to add one at a time, and click the "Submit" button.  The resulting line of text should look like one of the entries above.  Simply cut & paste that line of text into your .htpasswd file.  Repeat as needed.

Important: Each username/password pair must be on its own line when you paste it into the .htpasswd file.

Once you've finished adding username/password pairs, save your .htpasswd file (don't forget the period at the beginning of the filename).

Note: If your text editor has trouble saving filenames starting with periods, you can save it without the period.  Just remember to rename the file adding the period once you FTP it to the server. Also, the file must have the name .htpasswd, NOT .htpasswd.txt, so try saving it using quotation marks (i.e., ".htpasswd"); if this fails, just remember to rename the file once you FTP it to the server.

After you save the .htpasswd file, you should FTP it to the server. The .htpasswd file should be placed at the top-level directory (the directory above public_html), immediately displayed once you log in.

Now you're ready to create your .htaccess file.

Creating the .htaccess file

To create your .htaccess file, simply open up a text editor, and cut & paste in the following text:

AuthType Basic
AuthUserFile /export/home/USERNAME/.htpasswd
AuthName "Welcome to my Web site"
require valid-user

In the AuthUserFile line, you'll need to replace the word "USERNAME" with your own Web directory username (tsc, hr, rp, smithjo, etc).

In the AuthName line, you can replace the text with whatever you wish (though you must surround it with quotes).

Once you've made these changes, save the file (don't forget the period at the beginning of the filename). 

Note: If your text editor has trouble saving filenames starting with periods, you can save it without the period.  Just remember to rename the file adding the period once you FTP it to the server. Also, the file must have the name ..htaccess, NOT .htaccess.txt, so try saving it using quotation marks (i.e., ".htaccess); if this fails, just remember to rename the file once you FTP it to the server.

Now you're ready to FTP the file to your Web site.

Important: When you ftp the .htaccess file to your Web site, you need to place it in the directory that you want to password protect. 

• If you want to password protect your entire Web site, you should place the .htaccess file in your public_html folder.
• If you only want to password protect a subdirectory, you should place the .htaccess file in that subdirectory.

Finishing Up

After you have placed both the .htpasswd and .htaccess files in the correct directories on the server, you should be able to navigate to your Web site directory using any Web browser, and see the password protection in place.

To see a working example of a password-protected directory, please follow this link.  The login name is "test" and the password is "test."

Adding/Deleting Users and Resetting Passwords

To add users, add their username/password pairs to your .htpasswd file, one pair per line.

To delete users, just delete their username/password pairs from the .htpasswd file.