1000 FAQs, 500 tutorials and explanatory videos. Here, there are only solutions!
Secure Web access with a password
This guide explains how to protect part of a site on a Web Hosting by making it mandatory to enter a password before viewing a directory (including subdirectories) from a browser.
Simple method
Password-protect (Digest authentication) a directory using the "Folder Protection" tool:
- Click here to access the management of your product on the Infomaniak Manager (need help?).
- Click directly on the name assigned to the product in question.
- Click on Security in the left sidebar.
- Click on Folder Protection in the left sidebar.
- Click on the directory to protect.
- Enable protection with the toggle switch and then create one or more users*:
- * Users are defined per directory; the tool does not allow managing user groups:
- * Users are defined per directory; the tool does not allow managing user groups:
- Click on the Add button.
- Click on the button to add access for an additional user if necessary.
- Click on the action menu â‹® located to the right of the user in question to modify or remove them.
- Click the toggle switch again to completely disable the folder protection:
Manual method via .htaccess
To protect a folder with a password using your site's .htaccess
file:
- Log in to your hosting via an FTP software/client or the FTP Manager.
In the folder to protect, create a file called
password.php
and adapt the following content inside by replacing12345
with the desired password:<?php $pass = "12345"; echo password_hash($pass, PASSWORD_DEFAULT); // Affiche le mot de passe chiffré ?>
- Open a web browser and display the file
password.php
(example: domain.xyz/dossier-à -protéger/password.php). - The web browser displays your encrypted password; copy the encrypted password, it will be needed later…
In the folder to protect, create a file called .htaccess
and adapt the following content inside:
AuthName "Page d'administration protégée"
AuthType Basic
AuthUserFile "/exemple/.htpasswd"
Require valid-user
Replace /exemple/
with the absolute path of the folder to protect. Example:
AuthUserFile "/home/clients/0f83c7afb710e5ae2645a1b704d8772f/web/dossier_a_proteger/.htpasswd"
In the folder to protect, create a file called htpasswd.txt
and adapt the following content inside:
login:password_chiffré
- Replace
login
with the desired login. - Replace
password_chiffré
with the encrypted password copied in step 1 of this guide.
Once the file htpasswd.txt
is saved, rename it as follows: .htpasswd
.
Open a web browser and try to display one of the pages contained in the protected folder. If the guide has been followed correctly, the chosen login and password (unencrypted) allow access to the protected folder.
Other restrictions can also be added by .htaccess
.