Follow us on Twitter!
The important thing is not to stop questioning. - Albert Einstein
Saturday, April 19, 2014
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Members Online
Total Online: 23
Guests Online: 20
Members Online: 3

Registered Members: 82838
Newest Member: w1zarrd
Latest Articles

htaccess Password Protection

Arrow Image Put this in the same folder you need to protect.

This tutorial will help you learn how to password protect your file quickly and easily in a few lines of code.

The code can be split up into three if-else statements. Let's take a look at what we will have to do in order to set up the password protection:

1. If the user has not been authenticated, then use the PHP header and ask for a username and password.

2. Else, if the user's name is "spoono" and the password is "spoono", log in. Inside here you would put all the code for the user.

3. Else tell them the user/password failed.

Finally, here is the PHP Code:


//part 1

if (!isset($PHP_AUTH_USER))


header("WWW-Authenticate: Basic realm="Spoono Password."");

Header("HTTP/1.0 401 Unauthorized");



//part 2

else if(($PHP_AUTH_USER=="spoono") && ($PHP_AUTH_PW=="spoono"))


echo "You got in...";

//place the code for the whole user page in here

//you can also set up a redirect to the user page if you want


//part 3



echo "<html><body bgcolor=ffffcc>Faiiiiiiiil";

//fail try again





godon January 31 2006 - 16:00:08
nice B)
godon January 31 2006 - 16:02:14
lol commented after 1 min and 10 seconds Pfft and explaining some lines of code with more details would be better.. like for
header("WWW-Authenticate: Basic realm="Spoono Password.""Wink; Header("HTTP/1.0 401 Unauthorized"Wink; exit;
thousandtooneon February 01 2006 - 03:12:34
Why not just do this with htaccess? This is using HTTP Headers, not htaccess. This also probably shouldn't be done in PHP in this method, as htaccess recieves special read protection from the server- try it using PHP built as an apache module, using HTTP authentication, or just PHP.
SwiftNomadon March 06 2006 - 07:49:26
thousandtoone.. you have a huge point.. wish I would have checked this before. I'll write a new one..
cis_slayeron May 19 2007 - 16:56:36
or you could go to yellowpipe and they have a htaccess file generator you just give the url of the file you want and give the password you want and there you go lol.....i have never "used and applied" this but i have played around with it....seems to work lol....peace
Post Comment


You must have completed the challenge Basic 1 and have 100 points or more, to be able to post.