How do I password protect my site? (.htaccess)

This article applies to 123-reg Linux Shared Hosting accounts.

This is a guide to creating simple password protection for your 123-Reg hosting account.

You need to create two files, a .htaccess file and a .htpasswd file.


The .htaccess file must be placed within the directory you wish to password protect. It contains the names of all the valid users who are permitted to access the directory. The file should contain the following text:

AuthUserFile /websites/123reg/LinuxPackage21/my/do/ma/
AuthGroupFile /dev/null
AuthName secure
AuthType Basic

require user joebloggs
require user mickeymouse

order allow,deny
allow from all

Please Note: If you are unsure of the full path for your hosting package, you can request it via a support ticket by clicking on the Ask a question tab above.

The section my/do/ma/ in the first line needs to be: the first & second characters of your domain name/the third & fourth characters of your domain name/the fifth & sixth characters of your domain name/your domain name.

The above .htacess file will prompt anyone trying to access the directory within which it is placed for a username and password. This file only allows two users - 'mickeymouse', and 'joeblogss'. If you wanted to add another user (e.g. dolly), you would need to add this line to the file:

require user dolly

Once you've made your file, save it as .htaccess and place it in the directory you wish to protect.

.htpasswd file

The .htpasswd file contains all username and password combinations, and is called after the .htaccess file is executed (when an attempt is made to access a secure directory).

A valid .htpasswd file would look like:


Each username password entry is in the format [username][password]. All passwords must be encrypted for this to work (as in the example above).

So, how do I encrypt my passwords?

Well, luckily there are some free tools available on the net for the generation of enrypted passwords.

Many of these free tools can be found by going to a search engine such as Google and searching for ".htpasswd generator".

Once you have added all the user/password combinations, place the .htpasswd file in the root (top most) directory of your hosting account.

You should now have a working password protected directory.


Answer options

Your feedback was successfully added.

Answer tracking


Watch the content of this article for changes.