How to protect the page

How to protect the page

The most obvious way of protection of the page against unwanted visitors - installation of the password of access. It is possible to make it as means any of server scripting languages, and regular means of the Apache Web server. The second option does not require language skills of programming therefore we will consider how to protect the page, using possibilities of the Web server.


1. At first it is necessary to create on the server the separate folder for pages which should be protected and to move there all protected pages. If all pages of the website are subject to protection, then this step can be passed.

2. In the protected folder the file with the name .htaccess containing instructions for the Web server should be placed. The software of the server at request of the document from the folder (the web page or any other file), will follow directives from the .htaccess file. It is necessary to place the instruction in it to demand from not authorized visitor of input of the login and the password. Create the empty file in any text editor (the standard Notepad quite will approach) and enter in it the following directives: AuthType Basic
AuthName ""This Page Is Protected!"
require valid-userzdes in the first line (AuthType Basic) is reported to the server that documents of this and all enclosed folders should be provided only to the authorized visitor. The second line (AuthName ""This Page Is Protected!"") contains the text which will be displayed on on a form for input of the login and the password. Enter that text which is necessary to you without using quotes (""). Path to the file storing logins and passwords for authorization of visitors is registered in the third line (AuthUserFile/usr/your_host/your_site/.htpasswd). It should be "absolute path" - from the most root directory of your account on the server with the indication of a full directory tree. On Web servers where the websites are placed, it as a rule has an appearance /pub/home/имя_аккаунта/имя_папки/имя_файла. The full path to your website from a root of the server can be seen in the admin panel of the website. It can be found out, also, for example having used the phpinfo command () the PHP language, or having just asked technical support of your hosting. The fourth line (require valid-user) contains a mark that anything, except the correct couple it is not necessary to demand the login / password for access to documents of this folder from the visitor. In more difficult option in this directive there is an opportunity to specify the requirement that the user (more precisely - its login) belonged to any specific group. For example, it is possible to separate users into administrators and ordinary users. Each such group can have the different rights for access to documents of different directories.

3. Save the created file under the name of .htaccess. That the text editor when saving the file automatically did not add the .txt extension, select the All Files item in a drop-down list saving dialog "File type".

4. The file containing passwords for authorization of visitors usually bears a name "" .htpasswd"", but it not the obligatory rule - can be given it and other names. To create this file you should use the special program with the name htpasswd.exe. It is necessary because passwords in the file are stored in the view encrypted in a special way is and the program does, creating the .htpasswd file. If in your computer the Apache server is installed - it is possible to take the program from the usrlocalapachein folder if is not present - for example, here - It is necessary to start the program of creation of the file of passwords from the command line. In the Windows XP operating system it is convenient to make it so: place htpasswd.exe in separately created folder, right-click the folder and select the Start of the Command Line Here item in the appeared menu. In the terminal of the command line it is necessary to enter: htpasswd - cm .htpasswd user_1htpasswd here - a name of the started program; - cm - the modifier specifying that it is necessary to create the new file of passwords; .htpasswd - a name of the created file; user_1 - the user login which will be added by the first to the new file. Click Enter and the request of input and confirmation of the password for the user of user_1 will appear. After input and confirmation of the password, the program will create the .htpasswd file containing one couple the login / password in the folder. For adding in the created file of the following users in the terminal of the command line repeat the same procedure, but instead of the modifier - enter cm only - m. There is an opportunity to read rather detailed help according to the htpasswd.exe program if ввести:htpasswd.exe/?

5. Created the file (.htaccess and .htpasswd) load both on the server of your website via the file manager of the panel of administration or any ftp-client. The .htaccess file should be placed in the same folder where the protected pages are stored. And the .htpasswd file should be saved in the folder, path to which you entered for it in htaccess. As a rule, files of passwords store in the directory located one level above a root folder of the website. It becomes in order that to the file there was no access from the Internet.

Author: «MirrorInfo» Dream Team