November 16, 2020

How to password protect your wordpress domain using .htaccess and cPanel

Using .htaccess file you can easily hide and protect your wordpress site from search engines and users. First of all you should create two files .htpasswd and .htaccess in your root directory. In first file you will store the user and password for your password protected area and the second file is using to create a server rule to enable password authentication or password protection. You can create it easily from your cPanel File Manager here:

The next step will be to edit .htpasswd file and add there username and password separated with “:”, example:


The code above will allow the user to access the password protected area with the selected username and password. You can add as many users as you like, one per line, so feel free to add as many combinations as you like.

The last step is to edit .htaccess file and add there this rule:

AuthType Basic
AuthName "This is a Protected Area"
AuthUserFile root/path/to/.htpasswd
Require valid-user

Don’t forget to “Save” the changes!

After all the steps you can check the changes by accessing your domain from the browser window. If you did everything properly you will see the popup window with required username and password.


In case you need help in support your website from professionals, you can choose one of our WordPress Care Plans. Our CodaStudio team take care of everything on your website from small design changes to custom functionality.

About the author

Ivan is a CodaStudio lead wordpress developer. He also manages a web design company at Elivan Studio. He likes to sneak in a few games of World of Tanks, and is a huge Harry Potter movie fan.

Subscribe to our newsletter