Directory Password Protection Using FTP

General Information

As a CalWeb Business account you will notice that you cannot access your business directory using your shell account. You can still use .htaccess and .htpasswd to protect your directories for web pages. Again, if you are using FrontPage you should not use these directions. Use your FrontPage Documentation and it's password protection interface instead.

.htaccess & .htpasswd

You first need to create your files. Do this under your user directory with your UNIX shell account. Follow the instructions in How to Create .htaccess and .htpasswd Files. You will want to do all the steps up to the actual testing step.

Once you have your .htaccess and .htpasswd file created, you are ready to start the editing and ftp process.


Using an FTP program, select and download the .htaccess and .htpasswd files that you have just created. Pretty simple so far. Remember to do transfer the files as ASCII only. All other methods will tweak the files just enough so that they won't work.

Using a basic text editor, ie: notepad, BBEdit...., open the .htaccess file. It should look similar to the following example, which we used to create in the instructions How to Create .htaccess and .htpasswd Files.

AuthUserFile /www/home/users/w/webstaff/.htpasswd
AuthName "Secret Stuff"
AuthType Basic

<Limit GET>
require user webstaff

The only line you need to edit is

AuthUserFile /www/home/users/w/webstaff/.htpasswd

Change the path to reflect where your business directory is located on our server. It is going to be the same one you use to change to when you FTP to your directory to upload files. Our is going to look like:

AuthUserFile /www/home/business/w/Webmaster/.htpasswd

Save your .htaccess file and that's it. You done with the editing.

All that is left to do is to place your files in your business web directory. With your FTP program, login to your business directory. In your main directory upload the .htpasswd file. Create a new directory, again we will create one called "secret". In the secret directory is were we will place the new .htaccess, as this directory where we want to add password protection.

That's it. Now you can test it. Just type your URL into a browser and presto you should have password dialog box pop up.