Password protecting a domain using .htaccess

By tarifa
in Smart Home, Network & Security

 Share

Recommended Posts

Proficient

tarifa

Posted
Posted


hello dear experts, 

i am currently trying to achieve password protect a domain and all of it's subdirectories and files, but my knowledge on the matter is very limited, how can I go about doing that?

i want to do this for a wordpress site - in other words:; i want to passwordprotect a site ;  i guess that this is a simple two step process  - In the .htaccess i think i can put 

AuthType Basic
AuthName "restricted area"
AuthUserFile /path/to/the/directory/you/are/protecting/.htpasswd
require valid-user


for the password generation i can use 

- the passwordgenerator of python or 
- the passwordgenerator of keepass or i also can make 
- use of http://www.htaccesstools.com/htpasswd-generator/ or simpliy 
- command line to generate password and put it in the .htpasswd

Note 1: i am using winSCP or filezila to put it to the server - btw. should i do more confifguration; e.g. configure in the security section "Password Protect Directories"

then propably we need to do a AllowOverride All to the directory of the .htaccess (or at least to previous ones) in http.conf followed by a apache restart 

<Directory /path/to/the/directory/of/htaccess>
      Options Indexes FollowSymLinks MultiViews
      AllowOverride All
</Directory>

note:  what if i want to have this protection in a special way - so that i can 

- call the domain 
- open the passwordprotected site - and have access to the site for 2 or 3 hours 
- is this possible?!


note - generally i have learned that i can passwordprotect a directory served by Apache via  a .htaccess file in the directory we want to protect and a .htpasswd file that can be anywhere on our system that the Apache user can access (but put it somewhere sensible and private). 
is it a good idea to put .htpasswd in the same folder as .htaccess. The .htaccess file for the wordpress already exists:  if it would not exixt i should have to create it and insert: 

AuthType Basic
AuthName "Your authorization required message."
AuthUserFile /path/to/.htpasswd
require valid-user


Then we should create a .htpasswd file using whatever username and password we want.  And yes: The password should be encrypted. 

note: i am on a Linux server, - well here we can use the htpasswd command which will encrypt the password for us. Here is how that command can be used for this:

htpasswd -b /path/to/password/file username password
    


the question is: how to achive that: what if i want to have this protection in a special way - so that i can 

 

- call the domain 
- open the passwordprotected site - and have access to the site for 2 or 3 hours 
- is this possible?!

Proficient

tarifa

Posted
  • Author
Posted

 

 

- well i probably can take a wp-plugin --... since all i want to protect is a wp-site itself.. what do you say bout this following plugin .. and its concepts:

 

How to Restrict WordPress Site Access by IP or Logged In ...

 

https://wordpress.org/plugins/restricted-site-access/


 

  Quote


 

- Adds a number of new configuration options to the Reading settings panel as well as the Network Settings panel in multisite. From these panels you can:

- Enable or disable site restriction

- Change the restriction behavior: send to login, redirect, display a message, display a page

- Add IP addresses to an unrestricted list, including ranges

- Quickly add your current IP to the unrestricted list

- Customize the redirect location, including an option to send them to the same requested path and set the HTTP status code for SEO friendliness

- Define a simple message to show restricted visitors, or select a page to show them – great for „coming soon“ teasers!

 


 

Expand  

reviews: 

Protecting my development and test sites with this Plugin has been part of my workflow for a long time. 

It’s simple, effective and elegant–works so seamlessly that I forget it’s not just part of core WordPress. 
I’m delighted to see the authors are continuing to actively support it as is evidenced by the “Under 
the hood refactoring and clean up for performance and maintainability” in the latest maintenance releas

this plugin is briliant if you want to launch a new site of work on an existing one. 
You simply generate a new ‘coming soon’ page with your favorite page builder and point to it. 
You add your IP (and everyone else’s you want to give access to) and you can savely test processes on the live url, 
with everybody else being denied access.

great plug-in to restrict site access by IP address.
I’m glad I found this useful and easy to use plug-in (settings through Dashboard, Settings, Reading, below)

After trying a few plugins who gave a lot of really advanced options. And took too long for my attention span to get 
it working. This charming little plugin came in. And all was well.

am a divi user and this plugin allows me to create my maintenance pages with the builder. Very nice !
I am staging on the internet and wanted to hide my development. This works perfectly. most construction page plugins are very limited in what they do. with this plugin you can put your old html site into a subfolder while contructing your stunning wordpress pages by redirecting visitors to the subfolder. works like a charme

 

 

....well after all this sound interesting . guess that i will  give it a try

 

 

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • TP-Link Tri-Band AXE5400 Wi-Fi 6E Gaming Router Archer GXE75 is just $135

      By hellowalkman · Posted

      TP-Link Tri-Band AXE5400 Wi-Fi 6E Gaming Router Archer GXE75 is just $135 by Sayan Sen If you’re juggling gaming consoles, 4K streams and a growing roster of smart devices, the TP-Link Archer GXE75 Tri-Band AXE5400 Wi-Fi 6E Gaming Router is a good option to look at right now, considering the device is currently on sale at just $135 (purchase link under the specs table below). The Archer GXE75 promises up to 5.4 Gbps of throughput across three bands: 574 Mbps on 2.4 GHz, 2402 Mbps on 5 GHz and 2402 Mbps on 6 GHz (HE160 channels enabled). A 2.5 Gbps WAN/LAN port pairs with three 1 Gbps LAN ports and a USB 3.0 port for fast file sharing or printer access (purchase link down below). The quad-core CPU and 512 MB of RAM should help to handle multiple streams without bogging down, while MU-MIMO, OFDMA and 1024-QAM improve efficiency when several devices connect simultaneously. The router’s built-in Game Accelerator engine is said to automatically prioritize gaming packets (both wired and wireless), and TP-Link’s GPN (Gamers Private Network) acceleration can reduce packet loss for supported titles. HomeShield security brings firewall protection, device quarantining and parental controls. The technical specifications of the router are given below: Specification Details Wireless Standards IEEE 802.11ax 6 GHz; IEEE 802.11ax/ac/n/a 5 GHz; IEEE 802.11ax/n/g/b 2.4 GHz Wi-Fi Speeds 6 GHz: 2402 Mbps (802.11ax); 5 GHz: 2402 Mbps (802.11ax); 2.4 GHz: 574 Mbps (802.11ax) Spatial Streams 6 streams (tri-band OFDMA/MU-MIMO) Processor 1.7 GHz 64-bit Quad-Core CPU Memory 512 MB high-speed RAM Ethernet Ports 1× 2.5 Gbps WAN/LAN; 1× 1 Gbps WAN/LAN; 3× 1 Gbps LAN USB 1× USB 3.0 SuperSpeed port (up to 10× faster than USB 2.0) Antennas 4× high-performance external antennas with Beamforming Buttons Power On/Off; Reset; WPS/Wi-Fi; LED On/Off Working Modes Router Mode; Access Point Mode Security WPA, WPA2, WPA3, WPA/WPA2-Enterprise; SPI firewall; Access Control; IP/MAC binding; Application-layer gateway; HomeShield security suite VPN OpenVPN, PPTP, L2TP (server & client); WireGuard (server & client) Software & Services IPv4/IPv6; TP-Link HomeShield; EasyMesh; Parental controls; QoS by device; WAN types (Dynamic IP, Static IP, PPPoE, PPTP, L2TP); DDNS (TP-Link, NO-IP, DynDNS); auto firmware updates Gaming Features Game QoS boost; gaming-port priority; Gamers Private Network acceleration; game-port forwarding; real-time game panel with stats & RGB control Operating Environment 0 °C – 40 °C; 10 %– 90 % non-condensing humidity Get the TP-Link Tri-Band AXE5400 Wi-Fi 6E Gaming Router Archer GXE75 at the link below: TP-Link Tri-Band AXE5400 Wi-Fi 6E Gaming Router Archer GXE75 | EasyMesh, HomeShield: $159.99 + $25 off with coupon => $134.99 (Sold and Shipped by Amazon US This Amazon deal is US-specific and not available in other regions unless specified. If you don't like it or want to look at more options, check out the Amazon US deals page here. Get Prime (SNAP), Prime Video, Audible Plus or Kindle / Music Unlimited. Free for 30 days. As an Amazon Associate, we earn from qualifying purchases.
    • WhatsApp for Windows is ditching UWP for a web app

      By SnyPer456 · Posted

      Oh no... here we go again. Tha same sh*t that happaned to Mail & Calendar...
    • Windows 11 is getting a useful new audio feature

      By excalpius · Posted

      I too have worked with pro gear for decades and so I found the interface to be unintuitive from both the pro and casual side (a rare "accomplishment" by what are obviously otherwise skilled coders, hehe). I eventually got it to work, thanks for offering, but I found other compatibility issues with my own use case, so I just dropped it entirely. Right now, I just use an analog line out/line in approach which works as expected across all usage scenarios. With both machines on the same power block/outlet, I'm not getting any analog hum or hiss. My next step will be to try the updated Multiplicity 4 when a bug, addressing this very issue unfortunately, is resolved. Knowing Stardock, that could be tomorrow or five years from now, so I check back every few months to see it it's fixed and I want to upgrade. Again, thanks for offering to help.
    • One of the best file managers for Windows 11 gets brand-new Omnibar and more

      By Files App · Posted

      We recognize that performance can use some improvements, and we continue to work on improving it. However, it's worth noting that massive performance improvements don't happen overnight, they take a lot of work and effort, and in most cases, the improvements are more noticeable when you compare across several updates. That said, Files is open-source and everyone is invited to help with these efforts 🙂
    • One of the best file managers for Windows 11 gets brand-new Omnibar and more

      By Files App · Posted

      A lot of effort has gone into improving stability and Files Preview now has a 99% crash free rate. These improvements will make their way to Files Stable when v4 is released later this year. If you're still experiencing issues, please report them on GitHub or Discord so we can track them properly.

  • Recent Achievements

    • Rookie
      Snake Doc went up a rank
      Rookie
    • First Post
      nobody9 earned a badge
      First Post
    • One Month Later
      Ricky Chan earned a badge
      One Month Later
    • First Post
      leoniDAM earned a badge
      First Post
    • Reacting Well
      Ian_ earned a badge
      Reacting Well

  • Popular Contributors

    1. 1
      +primortal
      495
    2. 2
      Michael Scrip
      203
    3. 3
      ATLien_0
      197
    4. 4
      Xenon
      137
    5. 5
      +FloatingFatMan
      115
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!