Results 1 to 4 of 4

Thread: Cannot password protect a directory

  1. #1
    Junior Member Newbie
    Join Date
    Dec 2005

    Angry Cannot password protect a directory

    I have attempted multiple times to set up a password-protected directory using Plesk. I follow the usual process (same as shown in the online tutorial). Plesk even generates the directory for me if it was not already there. However, when I acccess a PHP file inside the directory via my browser, I am not prompted for the username/password I created for that directory.

    Does anyone know what I am doing wrong? Also... is it possible to protect a directory in a subdomain?

  2. #2
    Forum Administrator Power Poster Lyle@Spry's Avatar
    Join Date
    May 2005

    Default Tutorial link


    It is difficult to tell what is happening in your situation without investigating. Please PM me with your servers IP address, the domain name of the site, and the folder you are attempting to protect.

    In case others are curious, our tutorial on this subject is here.

  3. #3
    Junior Member Newbie
    Join Date
    Dec 2005


    For anyone who comes upon this at a later date... it may take 5-10 minutes for the protection to become active on the folder you specify. Lyle suspected browser caching as the cause.

    If you are trying to provide protection on a directory that is in a subdomain, this cannot be done with Plesk. There is however a .htaccess workaround method. Below are the steps required to do this:

    Step 1
    Create a file called .htaccess and upload it to the directory you wish to protect. The contents should be as follows:

    AuthType Basic
    AuthName "Type a prompt message here"
    AuthUserFile /usr/local/.htpasswd
    Require valid-user
    Step 2
    Create a file called .htpasswd its contents should contain a username/password in the form of:

    It is important to note that your password must be encrypted. You can go to a site such as

    Step 3
    Upload the .htpasswd file and move it to /usr/local/. I used a SSH client to move the file from the web directory I uploaded it to.

  4. #4
    Junior Member Newbie
    Join Date
    Jun 2006

    Default Password protect directories on subdomain - Plesk

    schizo, your solutions work very good. One suggestion that I could give is to use Plesk one step further so that you don't have to manually create/update the password file.

    What I did was:
    Step One
    Create fake password protected directory on the main domain (domain -> Directories -> Add New Direcotry) with something that does not exist on the domain and can be easily identified, for example s-sample.

    Step Two
    Create the necessary users for that protected directory.

    Step Three
    Open your domain's base httpd configuration file, which will be on /var/www/vhosts/(domain)/conf/httpd.include
    and loook for a line that contains
    <Directory "/var/www/vhosts/(domain)/httpdocs/s-sample">.

    Copy the lines between <Directory> and </Directory>, it should be something like:
    AuthType Basic
    AuthName "Restricted"
    AuthUserFile /var/www/vhosts/(domain)/pd/d..s-sample
    require  valid-user
    Step Four
    Create the .htaccess file using the text from step three, and place it on the directory that you wish to protect on the subdomain.

    If everything went fine, now your browser should request a user name and password, as provided from Plesk's interface.

    Hope it proves useful


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts