1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

How do I password protect a subdomain?

Discussion in 'Plesk for Linux - 8.x and Older' started by Beun, Sep 17, 2005.

  1. Beun

    Beun Guest

    How do I password protect a subdomain in Plesk 7.5.3 Reloaded?

    The password protect-option only works for directories of the main-site, and not for (directories of) subdomains..

    I tried using .htaccess with .htpasswd, of which I know how it works, but for some strange reason it does not work on a server that is being managed with Plesk.

    So... How do I password protect a subdomain ? :confused:
    (Or a directory in a subdomain, for that matter...)

    Thanks :)
  2. judouk

    judouk Guest

    Have you tried simply creating the .htaccess file manually
  3. Beun

    Beun Guest

    Well............. :rolleyes:

    Plesk does not use .htaccess/.htpasswd for directory-protection, and in some strange way prohibits the use of .htaccess/.htpasswd for manual password-purposes...
  4. jamesyeeoc

    jamesyeeoc Guest

    Have you checked to see if your domain's httpd.include file or the main /etc/httpd/conf/httpd.include has the "AllowOverride AuthConfig" enabled? I do not believe that Plesk puts this directive in the files by default. As you know, this would prevent .htaccess/.htpasswd authentication from working.

    Also by default, in the /etc/httpd/conf/httpd.conf file, they start out with:

    <Directory />
         AllowOverride None
  5. Beun

    Beun Guest

    I do not see the folder httpd (or any folder, for that matter) in /etc.
    I will consult my hosting company on why I cannot see that particular folder.
  6. jamesyeeoc

    jamesyeeoc Guest

    Exact location of the file(s) may depend on the *nix distro you are using. My posts use paths which are common to many RH distros.

    You could always do a search for httpd.conf
  7. sector29

    sector29 Guest


    I need to protect a subdomain also. Can u post the .htpasswd directives for .htaccess.

    Also, can I update the vhost.conf for the subdomain or is changing http.include the only route.
  8. Whistler

    Whistler Guest

    Half a dozen threads have already been created on this subject - why don't you use the search button before posting a question?

    Manually setting up .htaccess for password protecting a subdomain: http://forum.plesk.com/showthread.php?s=&threadid=21359&highlight=password+subdomain

    The more "Plesk friendly way":

    1) Create a protected dir in the domain page - ie. /mysubdomain

    2) Put the following in a .htaccess in your httpdocs dir of your subdomain:
    AuthUserFile /home/<your_domain>/pd/d..mysubdomain
    AuthName "Subdomain Test"
    AuthType Basic
    Require valid-user
    3) Now you (or your domain user) can add/remove users via the Plesk Controlpanel for Protected Dirs without problems.

    Simple and it works :) (and remember you have to change the path to home if you don't have it setup in /home)

    And I think I've posted this solution before - just coulden't find it right now...
  9. wuetscher

    wuetscher Guest

    Password protect for subdomain

    It's possible to do this with Plesk.

    How to:

    Create a new physical hosting: subdomain.domain.tld.
    but dont check the www-box (left beside the domain input box).

    Now you can easy protect your /.

    The subdomain now is a domain :)

    The only disadvantage is that you must create a 2nd ftp account for this domain (you can't use the ftp login off your www.domain.tld)

    That's it.

    Kind regards from Germany
  10. sector29

    sector29 Guest

    Thank you wuetscher!!!!

    It just so happens I needed to create a secure subdomain today.

    I did what you suggested. Restarted apache. It worked.

    I really appreciate the info about the additional ftp account. I view it as a an additional security feature.