How to Protect a Directory with a Password
You can password protect directories (folders) via the cPanel, protecting all the files within the password-protected folders.
To password-protect a directory:
- Log into your cPanel (How to Log into cPanel).
- Under the Files section, click on the Directory Privacy icon.
- Click on the name of the directory that you wish to password protect.
- You will be redirected to a page where you need to select the checkbox for Password protect this directory.
- Enter a name for the selected directory. It is important to note that this serves as the label of that directory. It does not change the directory's actual name.
- Click on the Save button.
- A confirmation page will appear. Click Go Back.
- You will then need to create a User that can have access to this directory.
- Fill in the Username, New Password, and Confirm Password boxes. You can utilize the Password Generator button to generate a strong password.
- Click the Save button.
- Click Go Back.
To ensure your directory has been password protected, launch your browser and view the directory. If the browser prompts you to log in, then your folder has been password protected. This example shows the public_html (the domain name, example.com) has been accessed in a browser. When accessed, a pop-up box will show up.
404 Error When Using a URL With a Shared Server SSL
If you are accessing a password-protected directory with a URL that includes the use of a shared server SSL (https://securexxx.hostgator.com/~<user>/<whatever>) and receiving a 404 error, this is because Apache is looking for a 401 page and serving a 404 when it is not found.
To resolve this, add a single line to the .htaccess file in the protected directory, to give Apache the 401 pages it is looking for (ErrorDocument 401 Authorization Required).
For information on how to add this line to your .haccess file, please read:
In the following code, please be sure to replace yourusername with your actual cPanel username, and also be sure the gator114 is replaced with your actual server number. This information can be found in your Welcome Email as well as on the left navigation menu in your cPanel.
[root@gator114 /home/yourusername/www/home]# more .htaccess.old
AuthType Basic AuthName "home" AuthUserFile "/home/yourusername/.htpasswds/public_html/home/passwd" require valid-user
[root@gator114 /home/yourusername/www/home]# more .htaccess
AuthType Basic AuthName "home" AuthUserFile "/home/yourusername/.htpasswds/public_html/home/passwd" require valid-user ErrorDocument 401 "Authorization Required"
500 Error After Login
Check the folder ownership on the .htpasswds folder (above public_html). Change them from user.user to user.nobody and ensure the permissions are set to 750 and then refresh your protected page. The error will be gone.