Web Hosting - Password Protecting Your Site

This page contains instructions for password protecting Windows/IIS and LAMP site directories via Plesk's Basic Auth

There are additional options outlined below

Windows/IIS Accounts

Follow these instructions to add/edit password protection for a directory.

  1. Log in to the Plesk Control Panel.
  2. On the homepage, go to FilesPassword Protected Directories.
  3. To add a new password protected directory, go to ToolsAdd Protected Directory.
  4. To create new user credentials for a protected directory, click on the desired directory and go to ToolsAdd New User.
  5. To edit user credentials for a protected directory:
    1. To edit the existing password, click on the corresponding username.
    2. To edit the existing user ID, delete the user and create a new one.

Linux/Apache (LAMP) Accounts

Follow these instructions to add/edit password protection for a directory.

  1. Log in to the Plesk Control Panel.
  2. On the Websites & Domains page, expand all available features under the domain name and choose Password-Protected Directories.
  3. To add a new password protected directory, go to ToolsAdd Protected Directory.
  4. To create new user credentials for a protected directory, click on the desired directory and go to ToolsAdd New User.
  5. To edit user credentials for a protected directory:
    1. To edit the existing password, click on the corresponding username.
    2. To edit the existing user ID, delete the user and create a new one.

Note: You can generate a password that meets UW-Madison's strong password policy by using the Secure Password Generator in the Control Panel.

  Additional Options

Other options available for password protecting include:

  • Manifest/NetID login: You can create groups of users and authorize them to access protected areas of your website by logging in with their NetIDs.
  • NetID Login Service (WebISO): (contact webhosting@doit.wisc.edu if interested)
  • Use .htaccess (LAMP only). See this example tutorial for using a .htaccess and .htpasswd file to define the IDs and passwords of the users allowed to access a site directory.

    • Note: Plesk also uses .htaccess to password protect directories. The only difference is that Plesk creates .htaccess files that are outside your filesystem and can only be managed through the Plesk Control Panel.