How to Password Protect One File

This is an advanced design tutorial. If you are a beginner, we recommend using the cPanel Password Protect Directory icon. That icon can be used to password protect all files in a folder; it cannot password protect one specific file.

To password protect an individual file:

  1. Create a file named .htpasswd and place it above your root directory, so visitors can't access it.
    • Example of the root directory pathway for shared accounts : /home#/cpanelusername/.htpasswd
      Note: Replace the # with the number that is reflected in your file manager's home directory
    • Example of the root directory pathway for reseller, vps and dedicated server accounts: /home/cpanelusername/.htpasswd
  2. Create an encrypted password using either a utility such as the command line program htpasswd or an htpasswd generator. It doesn't matter how many individual files you wish to protect; they can all share a common .htpasswd file.
  3. Right click on the .htpasswd file and select the Code Edit option.
  4. In the popup that appears, click the Edit button.
  5. Place the generated .htpasswd information into the .htpasswd file.
  6. Click on the Save Changes button.
  7. Click on the Close button.
  8. Navigate to the directory where the file(s) that you would like to password protect lie.
  9. If an .htaccess file does not exist in the directory already, create one.
  10. Right click on the .htaccess file and select the Code Edit option.
  11. Insert the following code into the .htaccess file:
    <FilesMatch "examplefile.extension">
    AuthName "Member Only"
    AuthType Basic
    AuthUserFile /home/cpanelusername/.htpasswd
    require valid-user
    </FilesMatch>

    Be sure to replace replace examplefile.extension with your file's actual name and replace cpanelusername with your actual cPanel username.
  12. Click on the Save Changes button.
  13. Click on the Close button.

This will protect the specified file, while leaving all other files in the folder unprotected.

WordPress and Password Protecting Files

WordPress can have some minor conflicts with password protecting files due to the changes in the .htaccess rules. If you are experiencing issues with this, please refer to the following article:

Password Protect Multiple Files

You can protect more than one file by using wildcard names. On the FilesMatch line in the previous .htaccess code example, try one of the directives below:

  • <FilesMatch "*.html">

  • <FilesMatch "file.*">

  • <FilesMatch "*.*">

Using Strong Passwords

It is always important to use strong passwords. To help you generate strong passwords to keep your services safe, we have several random password generators you can use: