Google Search Engine on Macbook Pro

Password Protection with Apache on Linux

Password Protection in Website running on Apache Hosted on Linux Remote Server or VPS

Enhance the security of your website by leveraging basic authentication with Apache on your Linux server. This guide walks you through creating login credentials, configuring password protection for a specific directory, and restarting Apache to apply the changes.


  • An Apache web server running on a Linux server/VPS with root or sudo privileges.
  • Basic understanding of command line editing.
  • Access to your server via SSH.

Security Considerations:

  • Password Strength: Choose strong and unique passwords for enhanced security. Consider using a password manager to generate and store complex passwords.
  • Alternative Methods: Basic authentication transmits credentials in Base64 encoding, which is not ideal for highly sensitive areas. Explore alternative methods like HTTPS with client-side certificates for more robust security when handling sensitive data.
  • Regular Updates: Keep your Apache web server and operating system updated with the latest security patches to address vulnerabilities.
  • Create Login Credentials
htpasswd -c /etc/apache2/.htpasswd user_name
  • Verify that Credential has been Created
cat /etc/apache2/.htpasswd
  • Go to /etc/apache2/sites-available
cd /etc/apache2/sites-available
  • Open the Required Virtual Host File
nano 000-default.conf
  • Add below Content
<Directory /var/www/html/admin>
        AuthType Basic
        AuthName "admin area"
        AuthUserFile /etc/apache2/.htpasswd
        Require valid-user
  • Restart Apache
service apache2 restart