How To Add HTTP Authentication On Website

Are you looking to add HTTP Authentication on your website? HTTP Authentication is a method which requires username and password to view the website. It means a user who knows those login details can only access your website. In this article, we show you how to add Http authentication to your website.

When We Need HTTP Authentication?

While developing a website, we first build a staging server. We develop our website from scratch on this development server. As our website is in the development phase, we don’t want any other users apart from the owner and development team see our website. In such case, we can add Http authentication.

There may be more reasons as listed below:

  • Google should not crawl our content which is not live yet.
  • You don’t want someone copy content from your site because your site is not live yet.
  • Your website is broken and you want it be temporary locked for users.

Add HTTP Authentication

Let’s take HTTP basic authentication example. For adding this authentication, you should have access to your project files and folders.

Open your .htaccess file located in the root directory and add the below code to it. You can place it at the end of a file after previous rules.

AuthType Basic
AuthName "Protect My Website"
AuthUserFile /var/www/html/.htpasswd
Require valid-user

In the above code we have passed the directory path of /var/www/html/.htpasswd. .htpasswd is a file where we store our username and password. You can place this file anywhere in your project directory. You just need to pass full directory path of this file. In our case, we placed the file in root folder. In your case, this path may be different.

Next, open the .htpasswd file. You need to set your username and password in this file. Click here to generate format of credentials which will use in .htpasswd file. On above generator tool, Your password is encrypted using MD5 algorithm.

HTTP Authentication

Let’s say we choose username as test and password as 123456. And above tool gave us a below result which we have added to the .htpasswd file.


Upload both .htaccess and .htpasswd file on a server and run your website. It will prompt for username and password for the first time. If you entered correct credentials then only you can view the site. For wrong details, you will see the HTTP error page.

With each HTTP request, these details have to be sent to the web browser. Web browsers cache these credentials for certain period of time. And thus, the browser will not prompt authentication window with each request.

We hope you understand how to add HTTP authentication on your website. Please share your thoughts in the comment section below.

If you liked this article, then please subscribe to our YouTube Channel for video tutorials.

Leave a Reply

Your email address will not be published.