Visitor Stats Buy Support
Visitor Stats 2 logo Protect your Admin directory.
 

How to password protect a directory on your website
 

This tutorial was written to help you password protect a directory on your website (any website), and specifically for the Visitor Statistics Admin directory.

Anyone may use this tutorial, but you may want to check out the visitor statistics program which offers very interesting web statistics for your website.
 

Password Protect Your Directory
 
  • Download this file ('protect-directory.zip'), and open it. In the zip file you will find 2 files. Open the 'Protect dir -> .htaccess.txt' file, which will contain:

    "DirectoryIndex index.html index.htm index.php admin.php
    ErrorDocument 404 http://www.phoenixdigital.com.au/404.php

    AuthUserFile /home/virtual/phoenix/home/httpd/html/visitor_stats/.htpasswd
    AuthGroupFile /dev/null
    AuthName "Visitor Stats Admin"
    AuthType Basic
    require valid-user"

    You will need to edit the sections I have made bold, replacing them with your own website address for a 'page not found' error page, and the second bolded text with your own website's directory to the root directory...

  • To find your website's root directory, you will need to download this file ('phpinfo.zip'), decompress it and upload the file to your website. Then go to the file in your web browser. I.e. www.mydomain.com/phpinfo.php

    Once the page has loaded, go down to the heading 'Apache Environment', and copy the text next to 'DOCUMENT_ROOT' which should be something like this: '/home/virtual/phoenix/home/httpd/html'.

    Now paste the text you copied into your '.htaccess' file after the heading 'AuthUserFile' and before '/visitor_stats/.htpasswd'. (See bolded text above).

  • Ok, now place your modified 'Protect dir -> .htaccess.txt' file in your '/visitor_stats/admin/' directory. You will have to upload it via FTP, and then rename it to '.htaccess' (the 'dot' lets apache know that its a system file).

    VERY IMPORTANT    : Don't protect the '/visitor_stats' directory, just the '/visitor_stats/admin/' directory otherwise Visitor Stats won't work. Whichever directory you place the file into becomes protected.

    You should now have a protected ADMIN directory... you can test this by opening your browser and trying to view: www.mydomain.com/visitor_stats/admin/

    You should get a screen which asks for your username and password.
 

Add Users to your Password Protected Directory
 
  • Now open the second file ('Protect dir pass .htpasswd.txt') and also open up this website (opens in new window).

  • Looking at the newly-opened website, type in your desired Username and Password (e.g. 'bob' and 'bobpassword'). Hit the 'Submit' button. The page will reload, and above the Username form etc will be the 'RESULT: bob:bI3cxHKainH3s' or something similar.

  • Copy the result, being sure to leave out the actual 'Result:' and paste it into your 'Protect dir pass .htpasswd.txt' file. It should look similar to this (the password code will be different for you):

    bob:bI3cxHKainH3s

    You can add as many users as you like in this way, placing each user on a separate line.

  • Finally, upload the file into your '/visitor_stats/' directory. You will have to upload it via FTP, and then rename it to '.htpasswd' (the 'dot' lets apache know that its a system file).

    NOTE: You may upload the password file into any directory, as long as the '.htaccess' file points to the right location. I encourage you to place it somewhere else on your website, making it harder to find for any hackers/crackers out there.


Yari McGauley
Creator of Visitor Stats 2
 
Buy Visitor Stats
Version 2 for $79.95		 Live Demo
Watch real visitors
 


Visitor Stats © Copyright 2005 by Yari McGauley. All rights reserved. Contact Me.