Password protecting a directory on your site is actually fairly easy. Webmasters typically want to protect a directory if they have information that they want to make available only to a selected number of people. This guide teaches how you can make a folder on your website accessible only to people with the appropriate password.
Step 1: Login to your DirectAdmin panel at http://ipaddress:2222 as user account.
Step 2: Under File Management, click Password protected directories
Step 3: The following screen will show you current protected directories and the ability to password protect one
Step 4: Click Find a Directory to Protect to set one up
Step 5: The following screen will give you a directory listing where you can set permissions, delete, and password protect a directory
Step 6: Locate the folder and click Protect to setup password protection
Step 7: Fill in the password to complete the action
- Password Protect a Directory
To password protect your directory:
+ Select the directory in which you wish to begin working in the pop-up window.
+ Click the Go button.
+ Select the directory you wish to protect from the list.
+ Using the Name the protected directory field, assign a name to the password protected directory. (This is the name visitors will see. It can appear as anything, no matter what the directory is called.)
+ Click Save.
After you complete this process, you will need create a user and password using the Create User section of this interface.
- Create a User
+ Enter the username, new password, and password confirmation in the appropriate boxes.
+ Click Add/modify authorized user.
Note: The new user's name will be added to the listbox under the Authorized Users heading, where it can be removed later.
- Remove a User
To delete password protection for a user:
+ Select the desired account name in the listbox beneath the Authorized Users heading.
+ While the name is highlighted, click the Delete User button to delete the account.
- Remove Password Protection
+ To remove password protection from the directory, uncheck Password protect this directory.
- The password protection only guards access through the web. You can still freely access your directories from your shell account. So can others on that server, depending on how the permissions are set up in the directories.
- It protects directories and not files. Once a user is authenticated for that folder, he/she can view any file in that directory and its descendants.
- Passwords and user names are transmitted in the clear by the browser, and so are vulnerable to being intercepted by others.
- You should not use this password protection facility for anything serious, like guarding your customer's data, credit card information or any other valuable information. It is basically only good for things like keeping out search engine bots and casual visitors. Remember, your data isn't even encrypted in the directory with this method.
- When you enable password protection, your .htaccess will be written and you may lost configuration in .htaccess of some common CMS (Joomla, WordPress, Drupal, Magento,...). You should take backup of it before you enable this feature.