In Ubuntu server, .htaccess file access is disabled by default. Apache suggests in general that .htaccess be disabled if the users have access to the server’s configuration files.

There may be cases when users do not have access to Apache’s configuration setting files or some acute cases where users run multiple applications which might need different access controls at private and public levels.

Getting to know how to access files at different levels will help in easy management of access levels.

In this step, we will see how we go about creating .htaccess file to password protect a directory/folder.

Go to the directory which you want to password protect and inside that folder create the file “.htaccess”. Ensure that you give read and execute permission for this file by issuing the command

user@myhost:~# chmod 755 .htaccess

The content of a basic .htaccess file will look like this

AuthUserFile /secured/.mypass
AuthName “Authorized Access”
AuthType Basic
require valid-user

A slight variation of the .htaccess file can go a step further by limiting the users for only certain methods of access like POST, GET, PUT. Adding the below line instead of “require valid-user” will help you achieve this

<Limit GET POST PUT>
require valid-user
</Limit>

To password protect a single file in a folder we add the following lines to .htaccess file:

<Files “personal-page.html”>
require valid-user
</Files>

Read about password creation here