Password protecting specific filetypes in Apache

20 May

Recently, I needed to password protect only a few filetypes across an entire website. I was sure I could somehow do this using Apache’s extensive configurations, and this is how I did it.

First of all, put this as your .htaccess in the root of your website (or in the root of whichever directory you want to protect the files for):

AuthUserFile /path/to/htpasswd
AuthType Basic
AuthName "Login Dialog Title"

<FilesMatch "\.(pdf|doc)$">
 Require valid-user

And then generate the htpasswd in the right directory using this command-line:

htpasswd -c .htpasswd username

And, hey presto! The entire site works fine, but access to the particular file-types (in this example, PDF and DOC files) is restricted only to people who enter the correct username/password combo using HTTP authentication.

Thanks to helpful resources at:

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: