This information is usable by Standard Hosting accounts only. Windows® Web Hosting information can be found here.

.htaccess Access Control on your site

.htaccess files allow you to do many things with your site, as a whole or with specific directories. This section will help you setup security for your site using htaccess. It will show how to limit access by IP or by username/password.

Allow access from IP addresses

To allow access only from a certain IP address or range of IP addresses, create a text file called .htaccess and include the following:

AuthName AllowLocalAccess
AuthType Basic
<Limit GET POST>
order deny,allow
deny from all
allow from x.x.x.x
</Limit>

The x.x.x.x should be changed to the IP address you wish to allow access from. You may just enter the first three quads of the IP address (example: 192.168.2) to allow anyone from that range access (in the example, anyone with IP of 192.168.2.1 to 192.168.2.254 would be allowed access).

Once this file is saved as .htaccess, it should be sent to the directory you wish to secure. Any sub-directories of the directory containing the .htaccess file will be secured by the same rules.

Allow access from valid Usernames

To allow only persons with a valid username and password to connect to your site, create a text file called .htaccess and include the following:

<files "ht*">
order allow,deny
deny from all
</files>
AuthType Basic
AuthName "Restricted Access"
AuthUserFile absolute path of .htpasswd file
Require valid-user

The absolute path for Standard Websites use /isp/eshowcase/sites/domain.ext/docs/path of filename and for Business or Advanced websites use /services/webpages/first letter of domain name/second letter of domain name/domain.ext/path of filename

Now create another text file called .htpasswd. In this file include the following:

Username:Encrypted password
Username:Encrypted password

Multiple usernames and passwords may be created. Use our online utility to create encrypted passwords for you.

Once the .htaccess and .htpasswd files are created, send them to the directory you wish to secure. Make sure that the path of the .htpasswd file in the file .htaccess is correct

The directory is now secured and can only be viewed by users with valid usernames and passwords.