Using Webprotect

[mcm]

Hello,

I have a family blog, and want to restrict access through username/password. I can't figure out how to do it. There doesn't seem to be an option to protect the public_html folder (maybe this is not possible?).

I tried making a new folder, to put another layer between public_html (where is where my index files are) and the blog files (Movable Type). But this ended up a mess, couldn't get to the website directly, so I removed that new folder and put things back the way there were. Is there an easy way to do this? (note: I really don't know what I'm doing).

[RockNRollPig]

not sure if you can password protect the public_html folder...but you could install the blog in say the folder "blog" and password protect that folder and then make a subdomain "blog.website.com" so whever and person goes to your blog at "blog.website.com" it will be password protected....just another option

[Guest schussat]

Interesting -- you're right that cpanel doesn't seem to protect public_html automatically. However, you can make it work. All you really need are the right .htaccess and .htpasswd file, and the trick is that you can generate them for a different directory and then move .htaccess to your public_html directory. I just tested it out, and it seems to work fine. Here's what to do:

 

1. Make a temporary directory in public_html. I called mine "test."

 

2. Using cpanel, use web protect to set password protection for the "test" directory. You can set up as many users and passwords as you want at this point -- but set up at least one. You can always add more later.

 

3. Using file manager, find the .htaccess file in public_html/test. Copy that file to public_html. However, do this step only if you don't already have an .htaccess file there -- this will overwrite whatever you have (you may already have .htaccess for fooling spambots, redirecting file types, or some other purpose, so doublecheck. If it's already there, we'll have to retool a bit, to integrate the user-level access with the existing contents).

 

That should do it. Try to reload your root web directory in a browser (it may take a short delay before .htaccess is properly used). If all has gone correctly, you'll be prompted for a user name and password. You're in business! Because the cpanel-generated .htaccess file simply points browsers to a fixed password file, you can (I think) use cpanel any time you want to add or remove user/password combinations. However, if you decide to un-protect your public_html directory, you'll have to manually remove the public_html/.htaccess file, because cpanel's web protector doesn't really know it's there. Also, I think the basic web protect setup will prohibit unauthorized access to everything below public_html; your web site will be entirely cut off. If this isn't what you want, ReallyDumbStuff's suggestion to setup a private subdomain is probably the best way to go. Of course, that involves some reconfiguration of your MT installation...

 

Hope this helps!

 

-Alan

[mcm]

Thanks very much for this! I will try it out.

[mcm]

"However, do this step only if you don't already have an .htaccess file there -- this will overwrite whatever you have (you may already have .htaccess for fooling spambots, redirecting file types, or some other purpose, so doublecheck. If it's already there, we'll have to retool a bit, to integrate the user-level access with the existing contents)."

 

Alas, it turns out there already _is_ an .htaccess file in the public_html.

[Guest schussat]

Alas, it turns out there already _is_ an .htaccess file in the public_html.

Hmmmm. What's it look like?

[mcm]

Apparently it is empty. Is there hope?

[Guest schussat]

Apparently it is empty.  Is there hope?

I don't see why not! If it's empty, it's not doing anything particularly important -- well, technically, it's doing nothing -- so you should be able to just copy the cpanel-generated file into its place, and you should be in business.

 

-Alan