Top Menu

Detailed Instructions for Password Protection

If you have more than one domain on your account, first you are asked which domain you wish to enable password protection for. After choosing the domain, you are brought to the main menu for password protection. From this menu, Windows users additionally need to enable password protection for the domain by clicking on IIS Password under Enable/Disable at the bottom left, checking Password Protection to On, and clicking Update. Unix users do not need to do this step.

• Managing Groups
• Managing Users
• Protecting a directory

Managing Groups

An authentication group is a group name associated with a list of users. The groups are stored in the file .htgroup in your home directory. You can add, delete, edit, view groups and list all the groups you have using this myCP tool.  Please do not edit these files manually as it may cause problems for myCP. Each group has its own users. A user can belong to multiple groups.

• To add a group: testgroup
  From the Left Navigate Menu -> Groups -> Add
  
  Enter Group Name: testgroup
  Click on Add
  
  
• To list all groups:
  From the Left Navigate Menu -> Groups -> List/Edit/Delete
  Click on the List/Edit/Delete. All groups will be listed in the right frame.
  
  
• To view the users in a group testgroup:
  From the Left Navigate Menu -> Groups -> List/Edit/Delete
  Click on testgroup. It will take you to a new page which lists all users in the group testgroup. You can click on a user to edit that user's information.
  
  
• To rename a group testgroup to testgroupnew:
  From the Left Navigate Menu -> Groups -> List/Edit/Delete
  Click on the Edit link corresponding to the group.
  
  Enter the Group Name: testgroupnew
  Click on Save
  
  
• To delete a group testgroup:
  From the Left Navigate Menu -> Groups -> List/Edit/Delete
  Found the group testgroup, Click on the Delete link corresponding to the group.
  
  You will find a confirmation page, which lists all users in the group. If you are sure that you want to remove the group, click on the Yes link. If you change your mind, click on the No link.
  
  The users within that group will not be removed. Only the group will be removed.
  

Managing Users

All users are stored in the file .htpasswd in your home directory. You can add, delete, edit, view, search users and list all the users you have using this myCP tool.  Again, please do not edit this file manually. Every user should belong to at least one group. A user can belong to multiple groups. Before you add a new user, you need to create at least one group.

• To add a user testuser:
  From the Left Navigate Menu -> Users -> Add
  
  Enter User Name: testuser
  Enter Password: mypassword
  Confirm Password: mypassword
  Select Groups: testgroup
  
  Click on Add
  You can select more than one group by using Control or Shift key on your keyboard.
  The example will add a new user: testuser to the group: testgroup with the password: mypassword.
  
  
• To list all users:
  From the Left Navigate Menu -> Users -> List/Edit/Delete
  Click on the List/Edit/Delete. All users will be listed in the right frame.
  
  
• To View/Edit/Delete a user testuser:
  From the Left Navigate Menu -> Users -> List/Edit/Delete
  Select the user testuser and click on testuser. It will take you to a new page which displays the user's information.
  
  If you wish to update the testuser - e.g. to change the user's name, password or groups, you can type in the new data and click on the Save button.
  
  If you want to delete the testuser, you can click on the Delete button. It will bring you to a confirmation page that lists all groups the user belongs to. If you are sure that you want to remove the user, click on the Yes link. If you change your mind, click on the No link.
  
  
• To search a user testuser:
  From the Left Navigate Menu -> Users -> Search
  
  Enter the User Name: testuser
  Click on the Search button.

Protecting a directory

After you have added some groups and users, you can start protecting your directories. Currently we have provided two types of protection: By user groups and by referral URLs. All information are stored in the .htaccess file under the directory you are protecting.  Please do not manually modify this file as it may hinder myCP's recognition of it.

If a directory is protected by a user group, the visitor must use a user account and password to access your files under that directory. If the visitors do not have a valid user account, they will get an authorize failed page.

If a directory is protected by referral URLs, the visitors must follow the links from the allowed URL to access files under that directory. If visitors come from other referral URLs, they will be redirected to a URL you have defined.

• To list/find directories:
  From the Left Navigate Menu -> Directories -> Root Directory
  After you click on the Root Directory, it will list subdirectories under your home directory/public_html. You can navigate to lower subdirectories by click on the directories name.
  
  
• To protect a directory :
  find the directory you want to protect by navigating from the Root Directory. If the directory is not protected, you can find a Protect it link.
  Click on Protect it link, you will find a selection page with two options: By Groups and Users and By Referral URLs.
  
  If you click on By Groups and Users:
  
  Enter AuthName: Staff Only Area
  Select AuthType: Basic
  Group(s) to allow access: testgroup
  
  AuthName is the description about the directory. You can use any words you like.
  AuthType is always basic; you don't need to change it.
  Group(s) fields will list all groups you have. You can use control or shift button to select more than one group to allow access to this protected directory.
  
  After you have finished, click on Add button.
  
  The example above gives only the users in testgroup the permission to access the directory.
  
  If you click on By Referral URLs:
  RewriteEngine: On/Off
  URL(s) to allow access: http://www.example_site.com
  http://example_site.com
  RewriteRule: http://www.example_site.com/error.html
  
  RewriteEngine is a switch. If it's off, it will do nothing. Only when it's on it will it protect your directory.
  URL(s) to allow access: you can type the URLs allowed to access this directories. You can type in multiple URLs. One URL - one line. Remember that it is case sensitive and http://example_site.com is different than http://www.example_site.com.
  RewriteRule is the error message page's URL for unauthorized clients.
  
  After you have finished, click on Add button.
  
  The example gives the referral URLs from http://www.example_site.com and http://example_site.com the permission to access the directories. If the referral URL is not from these, clients will be redirected to the page: http://www.example_site.com/error.html.
  
  
• To edit a protection for a directory:
  From the Left Navigate Menu -> Directories -> Root Directory
  First, find the directory you want to edit. If the directory is not protected, there is only a Protect it link and you can't edit it. If it's currently protected, you can click on the Edit it link.
  There are three possible results after you click Edit it link.
  
  
  • The file .htaccess is not created by our myCP password protection module. You can't edit it and there is only a warning page.
  • The file .htaccess is protected by Groups and Users
    The edit form is similar to the add By Groups and Users protection form. You just need to change whatever you want and click the Save button. There is a new link: Original File. By clicking on it, you can view the .htaccess file's raw content.
  • The file .htaccess is protected by referral URLs.
    The edit form is similar to the add By Referral URLs protection form. After you changed the content, click on the Save button to update it. There is a new link: Original File. By click on it, you can view the .htaccess file's raw content.
    
    
• To unprotect a directory:
  From the Left Navigate Menu -> Directories -> Root Directory
  First you need to find the directory you want to unprotect. You can only unprotect directories that have the Unprotect it link. If the file .htaccess is created by our myCP password protection module, the file will be removed and the directory will be unprotected. If the file .htaccess is not created by our myCP password protection module, you can not unprotect it as it would hinder the functionality of whatever software you are using for that purpose.