How do I protect a Web page with a password?

This page is showing a generic answer.
To see a more detailed answer customized for you, type your domain name here:

You can use your account management control panel to protect Web pages with a password. If you do this, anyone trying to view those pages will be asked to enter a user name and password using HTTP authentication.

A password actually protects all the Web pages in a certain directory (folder). For example, you might put all your private Web pages in a directory named private, then protect that directory. If you do that, anyone visiting would be asked to provide a password.

You can have more than one private directory, with different password lists for each directory, if you wish. When you protect a directory, all the files in that directory (and in every subdirectory of that directory) are protected.

Enabling password protection

To password protect a directory:

  1. Login to the “My Account” control panel (having trouble?)
  2. Click Password Protect Web Pages
  3. Create a new password list by clicking Add New List.

You can add different user names and passwords to the list.

Once you have created the password list, you can use that list to protect any top-level directory of your website. (To add a new directory to the “Protected Directories” section of the control panel page, just create that directory in your Web design or FTP program first. Make sure that the directory name you use contains only letters, numbers, underscores and hyphens.)

If you want to use different password lists to protect different directories, you can use Add New List again to create as many additional password lists as you wish.

What do I do if the folder I want to password protect is not listed?

To keep things simple, our control panel only shows folders at the first level of your website. The Apache Web server software we use does allow you to password protect other directories, but the way it actually works can be quite confusing if you apply passwords to two different levels of your website.

Unless you’re extremely familiar with how Apache password protection works, we recommend only protecting directories at the top level. This makes sure you don’t accidentally create conflicting password rules at different levels.

However, if you’re an advanced user and you need to protect other directories (or even the whole website), you can do that quite easily. The password protection for a directory is controlled by putting special lines of text in a file named .htaccess. In fact, all our control panel does is create those files for you.

If you’re an expert with “.htaccess” files, you can create the “.htaccess” files yourself manually (they work just as they do on any other Apache server).

Or you can use our control panel as a shortcut to do 90% of the work: simply password protect any first-level directory using our control panel (creating the necessary “.htaccess” file), then use your FTP program to move the “.htaccess” file to any other directory you want to protect (even to the top level of your website).

What if I really want to protect just one file?

Although it’s more complicated, our “Password Protecting Individual Files” page explains how you can protect a single file.

That more complicated method usually isn’t worth the extra hassle, though; it’s simpler just to create a new password-protected directory and put the file in it if you can.

After I enter my password to view a page, how do I logout?

To “logout” after viewing a password protected Web page, you have to quit your Web browser. There’s no separate “logout” option. (This is just the way Web browsers are designed; it’s nothing to do with our servers in particular.)