How to Password Protect a Folder or File on a Hosting Package

On your hosting package, you can password-protect individual folders, subfolders, or files.

You can do this in the cPanel control panel -> Files section -> Directory Privacy icon.

Let’s take a look at how to:

1. Lock an entire folder or subfolder
2. Lock a file or a series of files

Read more: How to add a new user

If you want to set up multi-level locking (partly in the main folder, partly in subfolders), it is sometimes necessary to additionally edit the .htaccess file.

How to lock an entire folder or subfolder with a password?

From the list of folders, select the folder containing the subfolder or file you want to lock (you can also lock the entire folder if you wish). In our case, we want to lock the folder lock.yourdomain.com.

Then tick the “Password protect this directory” option to secure the entire folder. Enter the name of the entire folder in the “Enter a name for the protected directory” field. Then save your selection by clicking on the “Save” button.

NOTE: this will lock the entire folder zakleni.vasadomena.si; if you want to lock a subfolder located in this folder, enter the entire path to the subfolder. For example: if you want to lock the subfolder lock.yourdomain.si/locked, enter the entire path in the window, i.e. lock.yourdomain.si/locked.

You have now locked the entire folder zakleni.vasadomena.si, but you still need to create a user (or users) who will be able to log in to this folder with the appropriate access data.

When you lock a folder or subfolder, an .htaccess file is created in the folder you locked (or in the files you locked within it). If you cannot see it, you need to enable the display of hidden files and folders on your hosting package. Check here to find out how to do this.

If you wish, you can add additional parameters to the aforementioned file:

• Change the message when accessing this folder: add your message below the path to the authorisation file in the next line (special characters are not supported):
  AuthName "Za dostop je potrebno vpisati geslo"
• Change access options for users: if you have multiple users, you can further restrict them with a command written in the .htaccess file located in the folder you want to lock (or if you want to lock the files in that folder):
  # Allow access to every valid user:
  require valid-user
  # Allow access only to the specified user:
  require user uporabniško-ime

How to unlock the folder again?

To unlock the folder, navigate to the desired folder via the Directory Privacy icon, uncheck the “Password protect this directory” option, and click the “Save” button to save the change.

How to password protect an individual file or a series of files?

From the list of folders, select the folder containing the file (or files) you want to lock. In our example, these files are located in the folder zakleni.vasadomena.si, so we select this folder from the list.

Then, in the “Create User” section, simply create a new user who will be able to access this file. You can read about how to create a new user here.

Then, in cPanel -> File Manager, navigate to the folder where the file is located. In this folder, you need to create an .htaccess file (click the “File” button) if it does not already exist.

Then write down the path to the file where the user you just created is stored. You can access the folder via the cPanel control panel -> File Manager, located at:

• home/your-username/.htpasswds/

When you open the aforementioned folder, find the subfolder you locked (or the files you locked in that folder), which contains the passwd file where users and their access passwords are stored. Write down the path, as you will need to enter it later in the .htaccess file you created.

Lock a single file:

If you wish, you can also lock only a specific file. In our case, we want to lock the file lock.yourdomain.si/locked.html.

Example of code to enter in the .htaccess file located in the folder where the file you want to lock is located:

<FilesMatch "zaklenjeno.html">
AuthName "Za dostop je potrebno vpisati geslo"
AuthType Basic
AuthUserFile /home/vase_uporabnisko_ime/.htpasswds/zakleni.vasadomena.si/passwd
require valid-user
</FilesMatch>

Lock individual file types:

You can lock a type of file, for example all .HTML and .PHP files, as we will do in our example.

Example of code to enter in the .htaccess file located in the folder where the type of file you want to lock is located:

Options +Indexes
<FilesMatch "\.(html|php)$">
AuthName "Za dostop je potrebno vpisati geslo"
AuthType Basic
AuthUserFile "/home/vase_uporabnisko_ime/.htpasswds/zakleni.vasadomena.si/passwd"
require valid-user
</FilesMatch>

Code explanation:

• In the “FilesMatch” tag, write the name of the file you want to lock.
• In the “AuthName” option, you can enter additional text that you want to be displayed when attempting to access the file (above the username and password entry fields). Accents are not supported.
• In the “AuthUserFile” option, you must enter the full path to the .htpasswds folder or the subfolder where the passwords for accessing this file are stored (the folder is located outside the public_html folder). For the username, enter the username for accessing cPanel.
• For the “require” option: if you have multiple users, you can further restrict them with a command that you write in the .htaccess file located in the folder you want to lock (or if you want to lock the files in that folder):
  # Allow access to every valid user:
  require valid-user
  # Allow access only to the specified user:
  require user uporabniško-ime

How do I unlock files again?

To unlock files, remove the relevant part of the code from the .htaccess file located in the folder where the locked files are located. If there is other code in the .htaccess file, do not delete it, as it is most likely necessary for the proper functioning of your website.

How do I add a new user?

In the cPanel control panel -> Files section -> Directory Privacy icon, click on the folder to which you want to add a new user and add them in the “Create User” section.

Enter the desired username in the “Username” field and the desired passwords in the “New Password” and “Confirm Password” fields. Then save the new user by clicking on the “Save” button.

This way, you can add a user when locking a folder or a file.

All added users are listed in the “Authorised Users” field.

Alternative for protecting a folder with a password

In the cPanel control panel, you can lock each folder or website with a username and password.

1. Log in to the cPanel control panel (login instructions).

2. Find the Files section and click on the File Manager icon.

3. Find the folder you want to lock, right-click on it and select Password Protect.

4. A new tab will open: Directory Privacy. In the Security Settings section, tick the box Password protect this directory, enter any name you like in the Enter a name for the protected directory: , enter any name (without diacritics or special characters) and click on the Save button.

After clicking on the Save button, you should see a message similar to the one below, indicating that the step has been successfully completed.

Success: The system set the access permissions for the “/home/vasadomesh1/direktorij” directory.

5. In the Create User section, enter any username (without diacritics or special characters), password and password confirmation, and click the Save button.

6. You can access the folder that you have protected with a username and password by entering the full path of the folder in the URL address and entering the username and password requested by the website or folder.

Example: The folder direktorij is located in the folder public_html on the domain vasadomena.si. You can access this folder via the link: https://vasadomena.si/direktorij.

For further information, please call us on 059 335 000 or write to us at info@neoserv.si.