You might have some sensitive page that you want to protect with the password. This is also known as Basic Authentication.
The good news is it’s possible, and it is super easy.
Why protect the webpage with a password?
Well, there could be many reasons, including.
Contain sensitive data on the page
The page is not ready, and you don’t want to make it visible publicly but share with someone
Whatever it is, let’s explore how you can protect.
Let’s take an example; I want to protect /client on lab.geekflare.com, which means if anyone access https://lab.geekflare.com/client should prompt for a password.
Let’s start with Apache first.
The first thing we need to create is a password file where all the credentials will be stored. The filename would be .htpasswd and you can place it anywhere on the server. I’ll create it under /etc/httpd/conf folder
You can create the file with the touch command
Let’s add the user who would be allowed to access /client. We need to use htpasswd command for this.
htpasswd /etc/httpd/conf/.htpasswd geekflare
The last section geekflare, is the user name. Change that with what you want and hit Enter.
Enter the password, and you will see a confirmation that the user is added.
[root@lab html]# htpasswd /etc/httpd/conf/.htpasswd geekflare
Re-type new password:
Adding password for user geekflare
If you cat the file, you will notice the password is stored in an encrypted format. It is good!
Try to access the /client page, and it should be asking for a password.
Enter the credential you set earlier to view the content.
Fancy .htaccess method?
Sure, you can implement basic auth through .htaccess file as well. You still need to generate credentials using htpasswd as explained above. Once done, you can add the following in the respective folder’s .htaccess file.
Let’s implement Basic Authentication in Nginx by following.
We will take help from Apache Utils to generate the credentials. If the server doesn’t have Apache HTTP installed, then you need to install the utils separately as below. If unsure, you can execute htpasswd to see if it works. If it doesn’t, then you know you need to install it.
dnf install httpd-tools
yum install httpd-tools
apt-get install apache2-utils
Let’s create the credentials similar to how we did in Apache.
htpasswd -c /etc/nginx/.htpasswd chandan
Don’t forget to replace chandan with the real user name you want
Next, we need to configure Nginx, so it restricts the particular URI with the password.
Let’s assume we need to protect /admin URI
Add the following in nginx.conf or other active Nginx configuration file
Install the plugin and configure the way you want to protect WordPress resources. This works with page builders such as Elementor, Divi, Beaver.
Alternatively, if you need a simple password-protected post or page, then you can take advantage of the inbuilt WP feature. You don’t need any plugin for this.
Go to the post or page you want to enable a password.
Under the publish section, click Edit next to visibility: Public
Select Password protected and enter the password.
Click, OK, and you are all set!
Need more ways to secure WordPress? Check out this guide.
If you are on shared hosting, then most likely you will have cPanel. The good news is cPanel offers a utility called Directory Privacy; from there, you can set a password for directory.
Login to cPanel
Search for Directory Privacy
Select the folder you want to protect. Like below, I’ve selected a folder called chandan, which is under public_html
Create the user which should be allowed and save
Once done, you will notice the folder has a lock
And, that’s it. The directory is password protected now. As you can see above, I’ve tested on A2 hosting, and it works great.
I hope the above helps you to protect certain URI, folder with the password using basic authentication. If you are looking for comprehensive website security, then you should consider implementing WAF.
Google Docs does a great job of keeping things simple. The default page setup works great for most documents, and common formatting options are right on the toolbar. However, when you need to do some advanced formatting, you’ll need to dig a little deeper.