How do I password protect my site? (.htaccess)

This is a guide to creating simple password protection for your 123 Reg Hosting account.

You need to create two files, a .htaccess file and a .htpasswd file.


The .htaccess file must be placed within the directory you wish to password protect. It contains the names of all the valid users who are permitted to access the directory. The file should contain the following text:

AuthUserFile  /websites/123reg/LinuxPackage21/my/do/ma/
AuthGroupFile /dev/null
AuthName secure
AuthType Basic
require user joebloggs
require user mickeymouse
order allow,deny
allow from all


Please Note: If you are unsure of the full path for your hosting package, you can request it via a support ticket by clicking on the Ask a question tab above.


The section my/do/ma/ in the first line needs to be: the first & second characters of your domain name/the third & fourth characters of your domain name/the fifth & sixth characters of your domain name/your domain name.

The above .htacess file will prompt anyone trying to access the directory within which it is placed for a username and password. This file only allows two users – ‘mickeymouse’, and ‘joeblogss’. If you wanted to add another user (e.g. dolly), you would need to add this line to the file:

require user dolly


Once you’ve made your file, save it as .htaccess and place it in the directory you wish to protect.

.htpasswd file

The .htpasswd file contains all username and password combinations, and is called after the .htaccess file is executed (when an attempt is made to access a secure directory).

A valid .htpasswd file would look like:



Each username password entry is in the format [username][password]. All passwords must be encrypted for this to work (as in the example above).

So, how do I encrypt my passwords?

Well, luckily there are some free tools available on the net for the generation of enrypted passwords.

Many of these free tools can be found by going to a search engine such as Google and searching for “.htpasswd generator”.

Once you have added all the user/password combinations, place the .htpasswd file in the root (top most) directory of your hosting account.

You should now have a working password protected directory.