How To Password Protect A CGI Directory
What is PimpSoft .htpasswd Manager?
PimpSoft .htpasswd Manager
is a script that will allow you to password protect a CGI directory and allow
you to control who can have access. Note that you can not use this to
password protect directories on your normal web server. This is only for use with
directories on your CGI server. This is ideal for protecting forums, member
areas and other directories where you want to restrict access. If you are looking
to password protect a page on your web server, please see
Password Protecting A Web Site Directory
To use PimpSoft's .htpasswd Manager, you need to be sure your CGI account is set up.
Please see How To Request A CGI Account
for more information. You will also need to
a copy of PimpSoft's .htpasswd Manager. To download, right-click on the link and then
choose Save Target As... or Save Link As... to your hard drive. You'll be
downloading a single ps_htpasswd_lite_php file. After downloading, you must
rename the file to ps_htpasswd_lite.php for it to work. Note that the last underscore is
changed to a period.
IMPORTANT SECURITY NOTE!|
Always be sure you have
installed the latest updates and/or patches for the script as well as for any
additional add-ons. Updates are very important to the security and proper
functioning of the script! Our instructions may be for earlier versions of
scripts due to the fact that we are not able to keep up with updates to every
script at all times. It is still up to the domain owner to install and use the
latest version of these scripts.
Remember that only your main account can access CGI scripts on your server. Any
hosting or extra FTP accounts that access these scripts may cause your account
to be deactivated and you'll have to contact
After downloading the ps_htpasswd_lite.php file to your hard drive, open
it in an ASCII text editor.
At the top of the script, you'll find the following line:
$GLOBALS['MY_LOGIN_USERNAME'] = 'admin';
Change the admin to a username you want to use. This is the user that will
have full access to the script and should not be a username of any of your other
members you wish to access the directory. This is what you'll use to log in and
manage the member information with. Be sure to leave the quotes around the
Next fine the following line:
$GLOBALS['MY_LOGIN_PASSWORD'] = 'pimpsoft.com';
Change the pimpsoft.com to a password of your choice. Be sure to write
down your new admin username and password for future reference. When done save
the file and close your text editor.
Log into your CGI account and upload the edited ps_htpasswd_lite.php
script to the directory you wish to protect. Set the file permission to 755.
Using your text editor, create two blank files named .htpasswd and
NOTE: Some windows text editors may not allow you to create files
with just an extension, so you may want to try another text editor such as
EditPlus or create the files
as htpasswd.txt and htaccess.txt and rename them after you upload them.
Upload the two blank files to your CGI server in the same directory you uploaded
the ps_htpasswd_lite.php file. Be sure the files are named .htpasswd
and .htaccess by renaming them on your CGI server using your FTP program if
Set the file permission of both new blank files to 666. You must be sure
that your FTP program is set to view and list hidden files or the new files may
not be visible for you to change the permissions. Disconnect from your CGI server
and close your FTP program when done.
Point your browser to http://cgi.yourdomain.com/your_protected_dir/ps_htpasswd_lite.php
where your would replace yourdomain.com with your actual domain name, and
your_protected_dir with the name of the directory you uploaded the script
You'll then be taken to the main menu. From the drop down box, you get the
choice of adding a username or resetting a password, or deleting a username from
the access list. Since this is the first time you're using the script, leave the
drop down box choice to "Add a Username or reset a password."
Type in a username and a password for that user. Also type the password again to
be sure you have the correct password. Write these down before you type them in
so that you can give them to the user. It's suggested that you email the user
yourself and provide them with the new username and password, as well as the URL
to this directory.
You will see the following text in green:
Wrote new .htpasswd correctly.
Wrote new .htaccess correctly.
This means that the user has been added. Now that user can log in to that
directory using that username and password. When they visit your url
http://yourdomain.com/your_protected_dir/yourfile.html for example, their
web browser will pop up a window asking for their username and password. This is
where they should enter the username and password you just set up for them.
for support options for this script.
Active Web Hosting may not be able to provide support for this program or it's