Active Web Hosting Logo

How To Password Protect A CGI Directory

What is PimpSoft .htpasswd Manager?

Duane King's PimpSoft .htpasswd Manager is a script that will allow you to password protect a CGI directory and allow you to control who can have access. Note that you can not use this to password protect directories on your normal web server. This is only for use with directories on your CGI server. This is ideal for protecting forums, member areas and other directories where you want to restrict access. If you are looking to password protect a page on your web server, please see Password Protecting A Web Site Directory

Requirements:

To use PimpSoft's .htpasswd Manager, you need to be sure your CGI account is set up. Please see How To Request A CGI Account for more information. You will also need to download a copy of PimpSoft's .htpasswd Manager. To download, right-click on the link and then choose Save Target As... or Save Link As... to your hard drive. You'll be downloading a single ps_htpasswd_lite_php file. After downloading, you must rename the file to ps_htpasswd_lite.php for it to work. Note that the last underscore is changed to a period.

IMPORTANT SECURITY NOTE!
Always be sure you have installed the latest updates and/or patches for the script as well as for any additional add-ons. Updates are very important to the security and proper functioning of the script! Our instructions may be for earlier versions of scripts due to the fact that we are not able to keep up with updates to every script at all times. It is still up to the domain owner to install and use the latest version of these scripts.

Restrictions:

Remember that only your main account can access CGI scripts on your server. Any hosting or extra FTP accounts that access these scripts may cause your account to be deactivated and you'll have to contact support.

Installation:

  1. After downloading the ps_htpasswd_lite.php file to your hard drive, open it in an ASCII text editor.

  2. At the top of the script, you'll find the following line:

    $GLOBALS['MY_LOGIN_USERNAME'] = 'admin';

    Change the admin to a username you want to use. This is the user that will have full access to the script and should not be a username of any of your other members you wish to access the directory. This is what you'll use to log in and manage the member information with. Be sure to leave the quotes around the username.

  3. Next fine the following line:

    $GLOBALS['MY_LOGIN_PASSWORD'] = 'pimpsoft.com';

    Change the pimpsoft.com to a password of your choice. Be sure to write down your new admin username and password for future reference. When done save the file and close your text editor.

  4. Log into your CGI account and upload the edited ps_htpasswd_lite.php script to the directory you wish to protect. Set the file permission to 755.

  5. Using your text editor, create two blank files named .htpasswd and .htaccess

    NOTE: Some windows text editors may not allow you to create files with just an extension, so you may want to try another text editor such as EditPlus or create the files as htpasswd.txt and htaccess.txt and rename them after you upload them.

  6. Upload the two blank files to your CGI server in the same directory you uploaded the ps_htpasswd_lite.php file. Be sure the files are named .htpasswd and .htaccess by renaming them on your CGI server using your FTP program if necessary.

  7. Set the file permission of both new blank files to 666. You must be sure that your FTP program is set to view and list hidden files or the new files may not be visible for you to change the permissions. Disconnect from your CGI server and close your FTP program when done.

Configuration:

  1. Point your browser to http://cgi.yourdomain.com/your_protected_dir/ps_htpasswd_lite.php where your would replace yourdomain.com with your actual domain name, and your_protected_dir with the name of the directory you uploaded the script files to.

  2. You'll then be taken to the main menu. From the drop down box, you get the choice of adding a username or resetting a password, or deleting a username from the access list. Since this is the first time you're using the script, leave the drop down box choice to "Add a Username or reset a password."

  3. Type in a username and a password for that user. Also type the password again to be sure you have the correct password. Write these down before you type them in so that you can give them to the user. It's suggested that you email the user yourself and provide them with the new username and password, as well as the URL to this directory.

  4. You will see the following text in green:

    Wrote new .htpasswd correctly.
    Wrote new .htaccess correctly.

    This means that the user has been added. Now that user can log in to that directory using that username and password. When they visit your url http://yourdomain.com/your_protected_dir/yourfile.html for example, their web browser will pop up a window asking for their username and password. This is where they should enter the username and password you just set up for them.

Support:

Please contact Duane King for support options for this script.

Active Web Hosting may not be able to provide support for this program or it's installation.

 


Home - Support - Management - About Us
... Active Web Hosting, 1445 American Pacific Dr. Ste 110-318, Henderson, NV 89074 ...
Toll-Free (800) 946-7764   Fax: (702) 567-1831