This tutorial will show you how to password protect a directory on your website using cPanel.
Password protection allows you to control access to content that you do not want to be publicly available, and it prevents Google and other search engines from discovering and indexing the content.
Why Password Protect a Directory?
Commonly used to protect downloads, files or pages that you only want specific people to access, learning how to password protect directories will pay dividends for as long as your websites last. This will help restrict content when you don’t want it made publicly available.
Let’s go over the process of password protecting directories in cPanel together.
Configuring Directory Privacy in cPanel
Log in to cPanel, and in the “Files” section, click the “Directory Privacy” link or icon.
A file tree representing your website file structure will show. There are two links on each line of the file tree, the file icon, which expands the directory and takes you to the directories beneath it, and the directory name, which you click to configure password protection.
Start by clicking the file icon representing the root directory of your site. Continue clicking the file icons until the directory you wish to password protect shows.
When the directory you wish to password protect shows, click the directory name to continue.
There are two steps to password protecting a directory. First, select the “Password protect this directory” option, and enter a name (cPanel doesn’t seem to add the name entered here to the login sequence, so enter whatever you’d like).
Click the “Save” button.
You will see an access permissions success message. Click the “Go Back” link.
For the second part of the setup, scroll down to the “Create User” section and complete the “Username,” “New Password,” and “Confirm Password” fields.
Note that the system will analyze your password or passphrase and reject it with a “password strength” error if it is too short or not sufficiently complex.
Click the “Save” button.
If the password protection was successful, you’ll see a success message.
Now when you visit the protected directory you’ll get a username/password challenge.
An Important Note About What’s Happening Behind the Scenes
cPanel creates two files when it password protects a directory. You get an “.htaccess” file in the directory being protected. You also get a “passwd” file outside of the publicly viewable structure of your website. This is (in the .htpasswds directory above your home directory).
It’s important that the .htaccess file in the directory being protected is not deleted while you’re working on your site. This also applies to the passwd file, but that’s unlikely to be accidentally deleted. If either of the files is deleted, the directory will no longer be password protected. You will need to repeat this process to reinstate protection.
Is any section of your website password protected? Now that you know how easy it is to protect a directory, do you think you’ll use this tool?
Author: Michael Phillips
Michael Phillips is a web hosting industry veteran, helping people make the most of their web presence since 1995.