How to use the .htpasswd generator?
In the form below, enter the username & password you wish to create the file for. Once you click on the "Generate the .htpasswd file" button, the htpasswd file would be generated and visible on your screen. Login to your server and create a file with the name ".htpasswd" in the folder you wish to secure. Copy paste the file content from this tool and save the file.
This htpasswd generator creates passwords using the MD5 algorithm and will work for sites hosted on Linux & Windows platforms.
Note: We do NOT store any of the usernames or passwords generated by this tool.
- 15 Signs Your Website Has Been Hacked
- How to Super Secure Your WordPress Admin from Hackers – Changing Admin URL, Adding IP Restrictions & htpasswd
- How to Secure Joomla Admin from Hackers? A Detailed Guide on Finding & Fixing Hacked Joomla
Common areas secured with HTTP Basic Authentication
- OpenCart Backend/Admin panel
- Magento Admin Panel
- Wordpress wp-admin folder
- Development or Staging Servers
What is the .htpasswd generator?
This tools helps you generate a
.htpasswd file, for use on Apache
HTTP Servers. For securing folders and sensitive directories, you can add a layer of security using the
Basic HTTP Authentication. Once you generate the file from this .htpasswd generator, you would have to upload it to
.htpasswd file can contain multiple rows, each corresponding to a pair of username and password
separated with a colon character. The password is encrypted using the UNIX system's crypt method and may use MD5 or SHA1.
How does the generator work?
The generator uses the
crypt() function to create passwords hashed using the MD5 algorithm. The
.htpasswd file contains username in plain text (unencrypted) and a hashed (encrypted) password.
Why is HTTP Authentication important?
Authentication is the process of checking whether a client is eligible/allowed to access a certain resource. The HTTP protocol supports authentication to restrict access to a secure resource or location on the server.
Setting HTTP authentication using .htacces
For setting up HTTP authentication on your Apache server, place these two files in the web directory you wish to secure with HTTP Authentication..htaccess
AuthType Basic AuthName "realm-name" AuthUserFile full-path/to/.htpasswd/file AuthUser valid-user
#Replace the following example_username:$apr1$mEYxaAmj$z7H3LoGxeFPs6PARTpast1
Now all files inside the web directory will have HTTP Basic authentication protection with the same realm & credentials.
Security Recommendation - .htaccess and .htpasswd Opencart
Since the OpenCart version 1.5.X Basic Security Practices document, it is recommended to use .htaccess and .htpasswd protection for the admin area.
How can Astra help secure your website?
Astra provides a suite of security features to monitor & protect your website from hack attempts & other malicious activity. If you have a hacked website, we also provide priority malware cleanup plans to help you restore your website and bring it back online. We have plugins for popular CMSs like WordPress, OpenCart , Magento etc.
This information is provided as part of the Astra community project. All information should be considered as-is, without guarantees. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please mail to [email protected]