Why Password Protect a Directory?
Directory Privacy is used to password-protect downloads, files, or pages that you only want specific people to access. When you enable this feature, a user that tries to open a protected folder will be prompted to enter a username and password before they can access the content.
How to Password Protect A Directory
Before beginning, you will need access to the cPanel of your hosting account. This can be done through the Client Area or by directly logging into the server. In cPanel, locate Directory Privacy under the FILES section and click to access the configuration screen.
You will now see a full list of all of your website’s directories. You can click on a directory to access its subdirectories, which can also be password protected. To the right of each directory, you will notice an EDIT button. Click on this button for the directory you wish to password protect. In our example, we're going to add password protection to the public_html directory. The No in the Private column indicates that the directory is not yet protected.
After clicking EDIT in the public_html row, you will be taken to a screen where the initial permissions for the folder you wish to password protect can be configured. Click the box next to Password protect this directory. This will then unlock the text box below it, where you can enter a name for the protected directory. This does not have to be the actual name of the directory. It will automatically add Protected ‘your directory name’ which should suffice unless you have a specific need for a personalized name. Once this has been done, click the Save button.
You'll receive a message stating that the system has set the access permissions for the directory. Click the Go Back link below it.
The second part of the process is to create a new user that can access the directory. When you click Go Back, you will see a new section titled Create User where you can fill out credentials for your newly privated directory.
Once you have filled in the necessary information, click the Save button. You will once again see the success message, indicating that your directory is password protected. Now when anyone accesses the directory, a Sign in dialog will appear asking for the username and password.
What’s Happening Behind the Scenes
cPanel creates two files when it password protects a directory. An “.htaccess” file is put in the directory being protected. You also get a “passwd” file outside of the publicly viewable structure of your website. This is in the .htpasswds directory above your home directory.