XF 1.5 Password Protection with htaccess


Well-known member
Password Protection with htaccess
With .htaccess it is very easy to password protect a folder or directory. The method is calledhtaccess password protection or htaccess authentication, and works by uploading two files called .htaccess and .htpasswd in the directory you want to password protect. The htaccess file should contain the following:

AuthType Basic
AuthName "Password Protected Area"
AuthUserFile /path/to/.htpasswd
Require valid-user
You only need to change “/path/to/.htpasswd” with the full path to your .htpasswd. Take a look at my article on how to find the full path using PHP. Next you need to upload the .htpasswd file which contains the username and password to enter the password protected folder. The .htpasswd file should contain:

The above code will allow the user “test” to access the password proteced area with the password “test”. The text “dGRkPurkuWmW2″ is a encrypted version of the password. You will need to use a htpasswd generator to create another password. Each line in the .htpasswd file contains a username and password combination, so feel free to add as many combinations as you like.

The automatic way – Use the generator
You can also just use the htaccess authentication generator to create a htaccess file for password protection.


in Safari on MAC you get the authorization window twice. Other threads explain, that it's because in index.php there are links with www.domain.com and without www, just http://domain.com.

In my index.php there are just links without www and with 301 I also force just to load the domain without www, which works on root but not in /forum) i.e.

<link rel="canonical" href="http://kontrakt18.org/forum/index.php" />
<meta property="og:url" content="http://kontrakt18.org/forum/index.php" />
<script type="application/ld+json"> { "@context": "https://schema.org", "@type": "WebSite", "url": "http://kontrakt18.org/forum/index.php", "potentialAction": { "@type": "SearchAction", "target": "http://kontrakt18.org/forum/index.php?search/search&keywords={search_keywords}", "query-input": "required name=search_keywords" } } </script>

Why does the authorization window pop up twice anyways?
Thanx! I already spent hours on this ;(
Top Bottom