Joshua's Docs - Apache htpasswd Cheatsheet


What & Link Type
Apache Docs - htpasswd Docs
Digital Ocean - Setting up Password Auth With Apache Guide

Creating the Password File

If you have a local Apache installation (e.g. WAMP/LAMP/MAMP), you might already have the htpasswd program installed locally. Or, you could execute it directly on the server by SSH'ing in first.

Try where htpasswd or which htpasswd to see if you get back a path, and verify you have the program installed.

The program has a ton of options, but a basic command to create a password file can be:

htpasswd -c -B FILE_TO_CREATE USER

# Example:
# htpasswd -c -B /etc/apache2/.htpasswd joshua

Using the Password File

There are multiple ways to use the generated htpasswd file with your server, but for quick projects, I like using the htaccess method. Full steps are outlined here, but to sum up: place a .htaccess file in the directory you want to secure, noting where the password file lives in relation to the directory.

The contents of the .htaccess should look something like this:

AuthType Basic
AuthName "Restricted Content"
Require valid-user
# The line below needs to point to the location of the password file
# In this example, it is in the *same* folder as the `.htaccess` file
# The password file does not have to be named exactly this way,
# but the path needs to match
AuthUserFile ".htpasswd"

You might also be interested in my htaccess cheatsheet

Markdown Source Last Updated:
Tue Mar 16 2021 12:05:32 GMT+0000 (Coordinated Universal Time)
Markdown Source Created:
Mon Mar 15 2021 13:56:34 GMT+0000 (Coordinated Universal Time)
© 2024 Joshua Tzucker, Built with Gatsby