Webzugriff durch Passwort sichern

This guide explains how to protect part of a site on a Web Hosting service by requiring a password to access a directory (including subdirectories) from a browser.

 

Simple Method

Password protect a directory (using Digest authentication) via the "Folder Protection" tool:

1. Click here to access your product management in the Infomaniak Manager (need help?).
2. Click directly on the name assigned to the relevant product.
3. Click on Security in the left sidebar menu.
4. Click on Folder Protection in the left sidebar menu.
5. Click on the directory to protect.
6. Enable protection with the toggle switch, then create one or more users*:
   
   • * Users are defined per directory; the tool does not support managing groups of users:
     
7. Click on the Add button.
8. Click the button to Add Access for an additional user if needed.
9. Click on the action menu ⋮ to the right of the relevant user to edit or remove them.
10. Click the toggle switch again to completely disable the protection of the directory:
    

Manual Method via .htaccess

Protect a folder with a password using your site's .htaccess file:

1. Choosing and Encrypting the Password

1. Connect to your hosting via an FTP software/client or the FTP Manager.

2. In the folder to protect, create a file named password.php and adapt the following content by replacing 12345 with the desired password:

   <?php
   $pass = "12345";
   echo password_hash($pass, PASSWORD_DEFAULT);  // Displays the encrypted password
   ?>

3. Open a web browser and view the password.php file (e.g., domain.xyz/protected_folder/password.php).
4. The browser displays your encrypted password; copy the encrypted password, which you will need in Step 3…

2. Create the .htaccess File

In the folder to protect, create a file named .htaccess and adapt the following content:

AuthName "Protected Admin Page"
AuthType Basic
AuthUserFile "/example/.htpasswd"
Require valid-user

Replace /example/ with the absolute path to the folder you want to protect. Example:

AuthUserFile "/home/clients/0f83c7afb710e5ae2645a1b704d8772f/web/protected_folder/.htpasswd"

3. Create the .htpasswd File

In the folder to protect, create a file named htpasswd.txt and adapt the following content:

login:encrypted_password

• Replace login with the desired username.
• Replace encrypted_password with the encrypted password copied in Step 1 of this guide.

Once the htpasswd.txt file is saved, rename it as follows: .htpasswd.

4. Testing the Login

Open a web browser and try to view one of the pages within the protected folder. If the guide has been followed correctly, the chosen (unencrypted) username and password will allow access to the protected folder.

Additional restrictions can also be applied via .htaccess.