Reference: http://www.cyberciti.biz/faq/howto-setup-apache-password-protect-directory-with-htaccess-file/

You can protect a directory in Apache on Linux by using .htaccess file. It requires apache authentication to access to the website.

Step 1: Setup Apache Authentication

  • Create a folder to store apache authentication
    # mkdir /mnt/secure_pass_folder
    # chown apache:apache /mnt/secure_pass_folder
    # chmod 775 /mnt/secure_pass_folder
  • Add a user and password of apache authentication
    # htpasswd -c /mnt/secure_pass_folder/pass_file_name username
    # chown apache:apache /mnt/secure_pass_folder/pass_file_name
    # chmod 660 /mnt/secure_pass_folder/pass_file_name


Step 2: Create .htaccess file

  • Go to your website path
  • Create a .htaccess file by vi with the following contentsAuthType Basic
    AuthName “Restricted Access”
    AuthUserFile /mnt/secure_pass_folder/pass_file_name
    Require user username

Step 3: Test if it works