To secure a folder access through .htaccess, you can follow these steps:
- Create a new file in the directory you want to secure (or edit an existing .htaccess file if it already exists).
- Open the .htaccess file in a text editor.
- Add the following code to the .htaccess file:
AuthName "Restricted Area"
AuthType Basic specifies that basic authentication should be used.
AuthName specifies the authentication realm that will be displayed to the user when prompted for credentials.
AuthUserFile specifies the path to the .htpasswd file that will store the usernames and encrypted passwords.
Require valid-user specifies that only valid users will be allowed access.
- Save the .htaccess file.
- Create a .htpasswd file in a secure location (e.g., outside the web root directory) or use an existing one. This file will contain the usernames and encrypted passwords for authorized users.
Each line of the .htpasswd file should contain a username and the corresponding encrypted password, separated by a colon (:).
You can generate encrypted passwords using online tools, or you can use the htpasswd command-line tool to create and manage the .htpasswd file.
- Update the AuthUserFile directive in the .htaccess file to point to the correct path of the .htpasswd file.
- Save the .htpasswd file.
Now, when someone tries to access the secured folder, they will be prompted for a username and password. Only users with valid credentials will be allowed access.