How To Add HTTP Authentication On Website

Are you looking to add HTTP Authentication on your website? HTTP Authentication is a method that requires a username and password to view the website. It means a user who knows those login details can only access your website. In this article, we show you how to add HTTP authentication to your website.

When We Need HTTP Authentication?

While developing a website, we first build a staging server. We develop our website from scratch on this development server. As our website is in the development phase, we don’t want any other users apart from the owner and development team to see our website. In such a case, we can add HTTP authentication.

There may be more reasons as listed below:

  • Google should not crawl our content that is not live yet.
  • You don’t want someone to copy content from your site because your site is not live yet.
  • Your website is broken and you want it to be temporarily locked for users.

Add HTTP Authentication

Let’s take HTTP basic authentication example. For adding this authentication, you should have access to your project files and folders.

Open your .htaccess file located in the root directory and add the below code to it. You can place it at the end of a file after the previous rules.

AuthType Basic
AuthName "Protect My Website"
AuthUserFile /var/www/html/.htpasswd
Require valid-user

In the above code, we have passed the directory path of /var/www/html/.htpasswd. .htpasswd is a file where we store our username and password. You can place this file anywhere in your project directory. You just need to pass the full directory path of this file. In our case, we placed the file in the root folder. In your case, this path may be different.

Next, open the .htpasswd file. You need to set your username and password in this file. Click here to generate the format of credentials which will use in .htpasswd file. On the above generator tool, Your password is encrypted using the MD5 algorithm.

HTTP Authentication

Let’s say we choose a username as a test and a password as 123456. And above tool gave us the below result which we have added to the .htpasswd file.


Upload both .htaccess and .htpasswd files on a server and run your website. It will prompt for a username and password for the first time. If you entered the correct credentials then only you can view the site. For wrong details, you will see the HTTP error page.

With each HTTP request, these details have to be sent to the web browser. Web browsers cache these credentials for a certain period of time. And thus, the browser will not prompt an authentication window with each request.

We hope you understand how to add HTTP authentication to your website. Please share your thoughts in the comment section below.

If you liked this article, then please subscribe to our YouTube Channel for video tutorials.

Leave a Reply

Your email address will not be published. Required fields are marked *