so you want to password protect your apache directory so people can’t sneak a peek.

you’ll need two files in your directory:

.htaccess and .htpasswd

.htaccess source

AuthType Basic

AuthName “restricted area”

AuthUserFile /var/www/vhosts/

require valid-user


AuthUserFile is the file path on your server to the .htpasswd file. on ubuntu + plesk 9 the path is:


.htpasswd source



the user name is first separated by a colon and then a MD5 coded text is needed for the password… use this fancy tool to make key value pairs with MD5 password

Web Development Tools | David Walsh - MooTools, jQuery Consultant-2.jpg



make sure you edit your site config file


nano "yoursitename"

change the AllowOverride none to AllowOverride all
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
allow from all