How do I password protect my site?

Using the panel to password protect your site

The easiest way to password protect your site is using the tool in the DreamHost panel. Navigate to the (Panel > 'Goodies' > 'Htaccess/WebDAV') page. You can then set up password protection there.

If you'd rather create it manually using SSH, view the following sections.

Creating an .htaccess file on your DreamHost web server

View the following article for instructions on how to create an .htaccess file on your web server:

You should use the SSH option to create the file.

Password protecting your site

Creating the .htpasswd file

You can use an .htaccess file to password protect a file or folder using basic authentication.

  1. Create an .htpasswd file via SSH in the directory you wish to password protect.
  2. Create this file using the htpasswd utility. For the first user, say user1, run the following:
    [server]$ htpasswd -c /home/username/example.com/.htpasswd user1
  3. Enter the password for the user. This creates a password for a user named 'user1'.
  4. Run it again (without the -c option) for any other users you wish to allow access to your directory.
  5. Set the permissions on this file to 644.
    [server]$ chmod 644 .htpasswd

View the following page for further information:

Creating the .htaccess file

Next, create an .htaccess file using the 'nano' editor:

[server]$ nano .htaccess

Code examples to add to the .htaccess file

This example password protects an entire website directory. Make sure to change the lines in bold to your actual file path while changing to your username and domain name.

#Protect Directory
AuthName "Dialog prompt"
AuthType Basic
AuthUserFile /home/username/example.com/.htpasswd
Require valid-user

This example password protects a single file:

#Protect single file
<Files admin.php>
AuthName "Dialog prompt"
AuthType Basic
AuthUserFile /home/username/example.com/.htpasswd
Require valid-user
</Files>

This example protects multiple files:

#Protect multiple files
<FilesMatch "^(admin|staff).php$">
AuthName "Dialog prompt"
AuthType Basic
AuthUserFile /home/username/example.com/.htpasswd
Require valid-user
</FilesMatch>

Using the panel to password protect your site

There is also a simpler way to do this in the DreamHost panel. Navigate to the (Panel > 'Goodies' > 'Htaccess/WebDAV') page. You can then set up password protection there.

Force HTTPS on your login prompt

You do not want to log into your site over an HTTP connection. View the following article which explains how to redirect your .htaccess login prompt to HTTPS:

See also

Did this article answer your questions?

Article last updated .