Or use your account on OC-Extensions

Show

Forgot your password?

Or register your new account on OC-Extensions

Show

Show

Lost your password? Please enter your email address and will send you a new password.

Back to log-in

Close

You're attempting to log into OC-Extensions from unrecognized IP Address. Please enter the Authentification Token that was sent to the email associated with this account.

No Authentification Token received?

OpenCart Blog

How to Protect Admin Folder with .htaccess

How to Protect Admin Folder with .htaccess

At times, you may find it best practice to password protect a folder on your account. This can add an extra layer of protection to files you do not want the general public to have access to. Password protecting a directory can be easily accomplished using the option within cPanel.

In this (short) guide, you can learn how to add and remove password protection on a directory, using cPanel.

How Does Password Protection Work?

It is important to understand how password protection on a folder works. When you choose to password protect a directory in cPanel, cPanel creates a rule in your .htaccess file.

This rule specifies that the folder is protected and the visitor will need to provide the proper username and password to log in and view the files within it.

When someone attempts to access the /admin/ directory through a browser, the site will prompt them to enter extra username and password you set to protect admin folder.
Your OpenCart admin login page will be accessible only if "visitor" passed first level of security.

How to add Password Protection

Step 1: Login into cPanel

In most of cases you can access cPanel like yourstore.com/cpanel

Step 2:  Find section Files and click on Directory Privacy


Step 3: Browse in folder structure to your admin folder


Now just click on admin folder name.

Step 4:  Create a user to grant access to the protected directory by typing the credentials into the Username, New Password and Confirm Password fields. 


DO NOT FORGET to click Save button.

Now If you access yourstore.com/admin you should see screen below

Once you type valid username and pass will get access to admin login page (login page NOT admin dashboard)

I did this steps but nothing happens. What's wrong?

In this case, follow this steps:

  • using your favorite FTP client goto public_html/admin and open .htaccess file (if you don't have one you can create it)
  • open .htaccess file

You should see content like this:

AuthUserFile "/home/youraccount/.htpasswds/public_html/admin/passwd"
AuthName "admin"
AuthType Basic
require valid-user

* In first line (path) word "youraccount" is just for example purpose. There you should see your account username.

Add new line at the end

ErrorDocument 401 default

How to remove password protection?

Follow same steps from section "How To add password protection", but this time uncheck option "Password protect this directory"

OCX Team

OCX Team

Since 2010 we exclusively focused on OpenCart platform. We know it from A to Z, being able to resolve any challenge might raise concerning the development of your ecommerce store.