Restricting Access to Web Site's Resources with Password Protection
If you have directories in a site that only authorized users should see, restrict access to these directories with password protection.
To password protect a directory in your site and to specify authorized users:
- Click the Domains shortcut in the navigation pane.
- Click the required domain name in the list.
- Click the
Directories icon in the Hosting group. - Click
Add New Directory. - Specify the path to the directory that you wish to password protect.
This can be any directory existing in the site, for example: /private
. If the directory that you would like to protect has not yet been created, specify the path and the directory name – Plesk will create it for you.
- Specify in what location (also called document root) your password protected directory resides or will reside. For example:
- To protect the
httpdocs/private
directory, type '/private' in the Directory name box and select the Non-SSL check box. - To protect the
httpsdocs/private
directory, type '/private' in the Directory name box and select the SSL check box. - To protect your CGI scripts stored in the
cgi-bin
directory, leave '/' in the Directory name box and select the cgi-bin check box. Make sure there are no white spaces after the slash symbol; otherwise, a protected directory will be created with the name consisting of white spaces.
- In the Header Text box, type a resource description or a welcoming message that your users will see when they visit the protected area.
- Click OK. The directory you specified will be protected.
- To add authorized users, click
Add New User. - Specify the login name and password that will be used for accessing the protected area. The password should be from 5 to 14 symbols in length. Click OK.
- To add more authorized users for this protected resource, repeat the steps 7 and 8.
To add an authorized user of a protected directory:
- Click the Domains shortcut in the navigation pane.
- Click the required domain name in the list.
- Click the
Directories icon in the Hosting group. - Click on the name of the directory you need.
- Click the
Add New User icon. - Specify the login name and password that will be used for accessing the protected area. The password should be from 5 to 14 symbols in length.
- Click OK.
To change password for an authorized user of a protected directory:
- Click the Domains shortcut in the navigation pane.
- Click the required domain name in the list.
- Click the
Directories icon in the Hosting group. - Click on the name of the directory you need. A list of authorized users will open.
- Click on the user's name.
- Specify the new password and re-type it for confirmation.
- Click OK.
To revoke a permission to access the protected directory from a user:
- Click the Domains shortcut in the navigation pane.
- Click the required domain name in the list.
- Click the
Directories icon in the Hosting group. - Click on the name of the directory you need. A list of authorized users will open.
- Select a check box corresponding to the user's name.
- Click
Remove Selected. Confirm the operation and click OK.
To remove password protection and make the resource available to the public:
- Click the Domains shortcut in the navigation pane.
- Click the required domain name in the list.
- Click the
Directories icon in the Hosting group. A list of password protected directories will open. - Select a check box corresponding to the name of the directory, from which you want to remove protection.
- Click
Remove Selected. The protection will be removed and the contents of the directory will be accessible to the public without restrictions.