VICNET Help is open from
9am - 5pm weekdays
Call Us: 8664 7001
Toll Free from Country Victoria: 1800 629 835
Fax: 9639 2175

Library & Broadband Customers with
24hr Support please call the direct paging service immediately to report any outages.

Shortcuts

• Dialup Numbers Information
• Site Directory
• Internet Security

Help With

• Macintosh
• Windows
• Online Topics

Online Help

• Email Basics
• Email & Travel
• IRC/Chat information
• Mailing Lists
• Spam Policy

Web Design: Password Protecting your Web site

Sometimes when designing a Web page or site you might want to restrict access to the page/site, or part thereof. For example you may have a members only section of your site or perhaps a download section containing files you would like to be acessible by a limited circle of people. The best way to do this is to apply username/password based access restriction to your Web page/site.

The following procedure is not 100% secure however it will prevent the average person from accessing the section of your site that you choose to protect.

To password protect a section of a Web site hosted by Vicnet, you need to create two files named:

• .htaccess
• .htpasswd

Creating a .htaccess file

1. Open your favourite plain text editor such as Notepad if you use Windows or SimpleText on the Mac and create a new file named htaccess.txt
2. Type the following into the htaccess.txt file:

AuthName "Prompt Text"
AuthType Basic
AuthUserFile path/.htpasswd
require valid-user



• Replace "Prompt Text" with a short message describing the section of your site that you are protecting e.g. "Members Only". This phrase will be cut short if too long so make sure it is brief.
• Replace path with your site's full directory reference on our server...
  • For http://home.vicnet.net.au/~jcitizen/ customers this is /home/homevic/public_html/jcitizen
  • For http://www.yourdomainname.com.eg/ the path will be /home/jcitizen

For example, if you were the Web designer for http://home.vicnet.net.au/~jcitizen/ you would upload an htaccess.txt file into a directory such as /public_html/members/. The htaccess.txt file would look something like this:



3. Save your htaccess.txt file
4. Using an FTP program, upload the htaccess.txt file in ASCII or TEXT mode into the directory you wish to password protect
5. Within your FTP program, rename the file from:

htaccess.txt

to:

.htaccess

Note: If you cannot see these files after renaming them, your FTP program is not configured correctly. Please ensure your FTP program is configured to show hidden files.

Creating a .htpasswd file

1. Go to the Vicnet htpasswd encoder page



2. Within the Input box, enter each username:password combination that you want to be allowed access to your site. e.g.

paul:footy
andrew:gamer
anthony:linnix

Usernames must be unique and should not contain any special characters like colons, quotes, semicolons etc.

3. Click the Encode button



4. Select the contents of the Output box
5. Copy the contents of the Output box
6. Open your favourite plain text editor such as Notepad if you use Windows or SimpleText on the Mac and create a new file named htpasswd.txt
7. Paste these username:gibberish combinations into your htpasswd.txt file
8. Save your htpasswd.txt file
9. Using an FTP program, upload the htpasswd.txt file in ASCII or TEXT mode into the directory above your /public_html/ directory

Rename the file from:

htpasswd.txt

to

.htpasswd

i.e. Nothing should precede the "." and there should not be any filename extension such as .txt or .doc

Congratulations, your Web directory should now be password restricted! To remove the restriction, remove the .htaccess file in the directory that's restricted.