Webhosting Password Protected Areas

From AAISP Support Site

Password protected areas are possible with our webhosting.

You can password protect any part of your web site by creating a file called password.txt in any directory.

If this exists then access to that directory and any other files and sub directories* require a username and password.

Include in the file a list of entries, one per line, with name:password . This lists the names and passwords allowed access. You can also include IP addresses, each on their own line, that will also be allowed without having to enter a username and password.

Users cannot access password.txt via a web page even if they correctly log in to access the directory.

The password.txt file protects every file and directory at and below that point, so you could have another password.txt file in a subdirectory. In this case the username and password used must be in both files to allow access, and so on for further sub directories.

  • Note: Protection of sub directories may be subverted by some cunning means, so this should not be assumed. To be sure, always put the password.txt file in every sub directory as well.

You can download an example password.txt file, but remember to change the password and the username! File:Password.txt.zip (unzip the file too!)

Password protection and HTTPS

Password protection currently breaks Let's Encrypt certificates for protected subdomains. However, a password protected directory should still be accessible from a higher level. For example, protected.example.com wouldn't get a certificate, but could still be accessible over HTTPS via example.com/protected/.

Other Webhosting pages

<ncl style=bullet maxdepth=5 headings=bullet headstart=2 showcats=1 showarts=1>Category:Webhosting</ncl>

Webhosting Service page on our main website