Want to password protect your Web site? .htaccess lets you do that on systems running Apache.

First you need to create a file with the passwords. Go to http://www.engr.sjsu.edu/daluu/scripts/htpasswd.php and enter the username and password you'd like to create; then cut-and-paste the text that site gives you. Create a new blank text file, and paste the text in.

Now upload that text file to your Web site, calling it .htpasswd. Ideally, you'll upload this to a part of your site that you can't get to from a Web browser ("outside the Webroot" in technical language).

Create a new blank text file. Put in the following:

AuthType Basic
AuthName "This is the prompt in the password dialog"
AuthUserFile /path/to/.htpasswd
AuthGroupFile /dev/null
Require valid-user

• The first line is required and just says "turn on password-protection!"
• The second line includes the text you want to be shown in the password dialog the computer pops up.
• The third line is the path to the text file with the password you just made. This may be non-obvious! Check your Web hosting plan's help or FAQ. It's ""not"" the same thing as the path in your browser's Location bar.
• Line four says "hey we're not making this more complicated." Just don't worry about it.
• Line five says "only let in users from the .htpasswd file. You can also specify individual users that you'll allow, using Require user1 user2 useretc if you'd like to keep many username:password pairs in your .htpasswd file but not let all of them in to every part of your site.

Save this file as .htaccess. Upload this file to the directory you want to password-protect. There you go!