There are two files that must be inside your root directory in order to password protect your site.
- .htaccess — the .htaccess (hypertext access) file is a directory-level configuration file supported by several web servers, that allows for decentralized management of web server configuration.
- .htpasswd — .htpasswd is a flat-file used to store usernames and password for basic authentication on an Apache HTTP Server.
Step 1
cd into the main directory you want to password protect.
cd /your/root/directory
Step 2
Create the .htaccess file
Replace /your/root/directory.
vi .htaccess
AuthType Basic
AuthName "restricted area"
AuthUserFile /your/root/directory/.htpasswd
require valid-user
Step 3
Create the .htpasswd file
Create new htpasswd file and add user (you will be asked to enter your password).
Replace username.
htpasswd -c .htpasswd username
OR
Add additional users.
htpasswd .htpasswd username
Not only does password protecting your website keep users out, but it also removes your site from search results.