Set htpassword by htaccess file in Apache

Posted on 21 June, 2017

While managing online projects, you often need to limit access to the site against the outside world, so as to prevent search engine from accessing your site while it is in development phase. To add password protection to your site, you need to follow these steps:

1) Creating the password file:

A: You need to create a text file that will store username & encrypted password, seperated by colon. Following are some of the web-based utilities which encrypts password:

Create .htpasswd file inside the magento root folder. After that, copy and paste the username-password string that has been generated from above given utilities to the .htpasswd file.


B: Creating .htpasswd file through terminal

Open terminal window & move to the directory where you want to create .htpasswd file. Fire below command:

htpasswd -c .htpasswd username

You'll be prompted to enter the password and retype it.

2) Creating the .htaccess file:

Once password file is created, you need to instruct Apache to use it to protect your web pages.

Place the following code in .htaccess file:

AuthType Basic
AuthName "admin"
AuthUserFile /path/to/.htpasswd
Require valid-user

  •  AuthType tells Apache what type of authentication to use. In our case, it is basic authentication.
  • AuthName will be displayed on the password prompt.
  • AuthUserFile is the location of your htpasswd file(full path).
  • Require tells Apache which authenticated users will be granted access to a resource.

In our case, any authenticated user will be granted access.

Multiple htpasswd user

You're not restricted to add just one username & password. To add multiple username-password, repeat the procedure of "Creating the password file" but add each new username/password line to your existing .htpasswd file.

Alternatively, if you're using terminal to create your passwords then, you can add extra users with the below command:

htpasswd .htpasswd username

Your website is now secure with password authentication. Hope this helped you. If you have any questions or comments, please do not hesitate to post them in the comments section.

Mona Mehta , Senior eCommerce Developer

Magento Technical Notes

About Emipro

Being an emerging leader in IT market since 2011, Emipro Technologies Pvt. Ltd. has been providing a wide range of business solutions in Odoo & Magento. We are pleased to have a large pool of contented customers with our meticulous work in the domain of ERP & e-Commerce. Our customers are companies of all sizes ranging from startups to large enterprises who realize that they need a professional internet solution to generate revenue streams, establish proper communication channels, to achieve desired goals and streamline business operations. [....] Read More

Our writings seems informative ?

Subscribe for our Magento Technical Notes and get more amazing stuff directly to your inbox!

Post Your Review


Your Review has been posted

1 Comment(s)

Dhaduk Mitesh

Posted on 23 June, 2017

This technical note is very useful for to set htpassword by htaccess file in Apache and easy explaination.Thank you...