Use .htaccess and .htpasswd to authenticate the access to website

1. Edit the AllowOverride None line in your vhost configuration file and change it to AllowOverride All

2. Generate a new password for a user user1 using:

htpasswd -c /path/to/file/.htpasswd user1

• -c : creates a new .htpasswd file. It is not necessary to add -c when adding another user if the file has already been created

3. Change ownership and give correct permission to .htpasswd

You can see the user with its hashed password using:

cat /path/to/file/.htpasswd

4. Create .htaccess file in the Apache DocumentRoot directory.

vim path/to/DocumentRoot/.htaccess

Add the following lines:

AuthType Basic
AuthName “Restricted Content”
AuthUserFile /path/to/file/.htpasswd
Require valid-user

5. Restart Apache

systemctl restart httpd

6. Test your website in browser. You should a pop-up more or less like the following: