Password protection is available for all of our Shared Hosting plans. Password Protection allows you to protect your directories from non-authorized access via a browser except for certain groups/users/referrers whom you explicitly allow. To setup Password Protection go to MyCP -> Password Protection.  You will need to create an authorized group and an authorized user as well as define which directory they apply to. You can find specific setup details below.

myCP® Password Protection

If you have more than one domain on your account, first you are asked which domain you wish to enable password protection for. After choosing the domain, you are brought to the main menu for password protection. From this menu, Microsoft Windows users additionally need to enable password protection for the domain by clicking on IIS Password under Enable/Disable at the bottom left, checking Password Protection to On, and clicking Update. Unix users do not need to do this step.

Managing Groups

An authentication group is a group name associated with a list of users. The groups are stored in the file .htgroup in your home directory. You can add, delete, edit, view groups and list all the groups you have using this myCP tool. Please do not edit these files manually as it may cause problems for myCP. Each group has its own users. A user can belong to multiple groups.

To add a group: testgroup:

  • From the Left Navigate Menu -> Groups -> Add
  • Enter Group Name: testgroup
  • Click on Add

To list all groups:

  • From the Left Navigate Menu -> Groups -> List/Edit/Delete
  • Click on List/Edit/Delete. All groups will be listed in the right frame.

To view the users in a group testgroup:

  • From the Left Navigate Menu -> Groups -> List/Edit/Delete
  • Click on testgroup. It will take you to a new page which lists all users in the group testgroup. You can click on a user to edit that user’s information.

To rename a group testgroup to testgroupnew:

  • From the Left Navigate Menu -> Groups -> List/Edit/Delete
  • Click on the Edit link corresponding to the group.
  • Enter the Group Name: testgroupnew
  • Click on Save.

To delete a group testgroup:

  • From the Left Navigate Menu -> Groups -> List/Edit/Delete
  • From the group testgroup, Click on the Delete link corresponding to the group. You will find a confirmation page, which lists all users in the group. If you are sure that you want to remove the group, click on the Yes link. If you change your mind, click on the No link. The users within that group will not be removed. Only the group will be removed.

Managing Users

All users are stored in the file .htpasswd in your home directory. You can add, delete, edit, view, search users and list all the users you have using this myCP tool. Again, please do not edit this file manually. Every user should belong to at least one group. A user can belong to multiple groups. Before you add a new user, you need to create at least one group.

To add a user testuser:

  • From the Left Navigate Menu -> Users -> Add
  • Enter User Name: testuser
  • Enter Password: mypassword
  • Confirm Password: mypassword
  • Select Groups: testgroup
  • Click on Add.

You can select more than one group by using the Control or Shift keys on your keyboard. The example above will add a new user: testuser to the group: testgroup with the password: mypassword.

 

To list all users:

  • From the Left Navigate Menu -> Users -> List/Edit/Delete
  • Click on List/Edit/Delete. All users will be listed in the right frame.

To View/Edit/Delete a user testuser:

  • From the Left Navigate Menu -> Users -> List/Edit/Delete
  • Select the user testuser and click on testuser. It will take you to a new page which displays the user’s information.

If you wish to update the testuser – e.g. to change the user’s name, password or groups, you can type in the new data and click on the Save button.

If you want to delete the testuser, you can click on the Delete button. It will bring you to a confirmation page that lists all groups the user belongs to. If you are sure that you want to remove the user, click on the Yes link. If you change your mind, click on the No link.

 

To search a user testuser:

  • From the Left Navigate Menu -> Users -> Search
  • Enter the User Name: testuser
  • Click on the Search button.

Protecting a directory

After you have added some groups and users, you can start protecting your directories. Currently we have provided two types of protection: By user groups and by referral URLs. All information is stored in the .htaccess file under the directory you are protecting. Please do not manually modify this file as it may hinder myCP’s recognition of it. 

If a directory is protected by a user group, the visitor must use a user account and password to access your files under that directory. If the visitors do not have a valid user account, they will get an authorization failed page. 

If a directory is protected by referral URLs, the visitors must follow the links from the allowed URL to access files under that directory. If visitors come from other referral URLs, they will be redirected to a URL you have defined.

To list/find directories:

  • From the Left Navigate Menu -> Directories -> Root Directory
  • After you click on the Root Directory, it will list subdirectories under your home directory/public_html. You can navigate to lower subdirectories by click on the directories name.

To protect a directory :

  • Find the directory you want to protect by navigating from the Root Directory. If the directory is not protected, you can find a Protect it link.
  • Click on Protect it link, you will find a selection page with two options: By Groups and Users and By Referral URLs.

If you click on By Groups and Users:

  • Enter AuthName: Staff Only Area
  • Select AuthType: Basic

Group(s) to allow access: testgroup

  • AuthName is the description about the directory. You can use any words you like.
  • AuthType is always basic; you don’t need to change it.
  • Group(s) fields will list all groups you have. You can use control or shift button to select more than one group to allow access to this protected directory.
  • After you have finished, click Add.

The example above gives only the users in testgroup the permission to access the directory.

If you click on By Referral URLs:

  • RewriteEngine is a switch. If it’s off, it will do nothing. When it’s on, it will protect your directory.
  • URL(s) to allow access: Type the URLs that are allowed to access these directories. You can type in multiple URLs. One URL – one line. Remember that it is case sensitive and http://example_site.com is different than http://www.example_site.com.
  • ‘RewriteRule’ is the error message page’s URL for unauthorized clients.
  • After you have finished, click Add.

The example gives the referral URLs from http://www.example_site.com and http://example_site.com the permission to access the directories. If the referral URL is not from these, clients will be redirected to the page: http://www.example_site.com/error.html.

To edit a protection for a directory:

  • From the Left Navigate Menu -> Directories -> Root Directory
  • First, find the directory you want to edit. If the directory is not protected, there is only a Protect it link and you can’t edit it. If it’s currently protected, you can click on the Edit it link.
  • There are three possible results after you click Edit it link:
  1. The file .htaccess is not created by our myCP password protection module. You can’t edit it and there is only a warning page.
  2. The file .htaccess is protected by Groups and Users
The edit form is similar to the add By Groups and Users protection form. You just need to change whatever you want and click the Save button. There is a new link: Original File. By clicking on it, you can view the .htaccess file’s raw content.
  3. The file .htaccess is protected by referral URLs.
The edit form is similar to the add By Referral URLs protection form. After you changed the content, click on the Save button to update it. There is a new link: Original File. By clicking on it, you can view the .htaccess file’s raw content.

To unprotect a directory:

  • From the Left Navigate Menu -> Directories -> Root Directory
  • First you need to find the directory you want to unprotect. You can only unprotect directories that have the Unprotect it link. If the file .htaccess is created by our myCP password protection module, the file will be removed and the directory will be unprotected. If the file .htaccess is not created by our myCP password protection module, you cannot unprotect it as it would hinder the functionality of whatever software you are using for that purpose.