Access Control With .Htaccess

What does .htaccess actually do?

.htaccess-files are hidden files, which are processed by the Apache Webserver. Depending on the configuration of Apache2 the .htaccess-files can modify the behaviour of the webserver, e.g. by modifying values of modules (Rewrite, Expires, …) .

How to password-protection of files and directories

Within the documentroot of your webspace-subscription the .htaccess-file can be used to password-protect a custom file or directory. To create a .htaccess-based login form just create a file called .htaccess via SFTP. Please make sure that the file is created in the document root of your webhosting-subscription (e.g. /web/username/www/subscriptionname).

Example:

AuthName "Protected Directory"
AuthType Basic
AuthUserFile /web/username/files/.htpasswd
require valid-user

After creating this .htaccess-file move to the files-directory of your webspace-subscription. You can now add an .htpasswd-file, which contains the user-information and the password-hash.

Use Shell To Generate .Htpasswd

You can use a shell to auto-generate a valid .htpasswd-file. To do so, simply log into a shell and enter.

 htpasswd -c .htpasswd username

You are asked to enter a password, which is stored as a hash.

On login.gwdg.de enter

 htpasswd2 -c .htpasswd username

Example:

username:laA94KcLcE53

Use Online Tools To Generate .Htpasswd

If you do not want to use shell to generate .htpassword, you can simply use our .htaccess-Generator:

htaccess/htpasswd-Generator

Example:

username:laA94KcLcE53

How to allow access for specific IP or IP-ranges

To grant access to users from specific IP-addresses or IP-ranges, you need to create a .htaccess-file in the document root of your webhosting-subscription.

Example (single IP/Apache 2.2):

order deny,allow
deny from all
allow from 123.123.123.123 

Example (IP-range/Apache 2.2)

order deny,allow
deny from all
allow from 123.123.123.0/24 

Example (single IP/Apache 2.4)

Require ip 123.123.123.123