Prerequisites
Before password protecting a directory, make sure you have:
- SSH access to your VPS
- Admin access to HestiaCP
Method 1: Using HestiaCP Web Interface
Step 1: Log in to HestiaCP
https://YOUR_SERVER_IP:8083Step 2: Navigate to WEB Section
Click on WEB in the top menu bar.
Step 3: Edit Domain
Click the gear icon (⚙️) next to your domain.
Step 4: Go to Password Protection Tab
Click on Password Protection tab.
Step 5: Add Protected Directory
Click + Add Protected Directory.
- Directory: Relative path (e.g., /admin, /private)
- Username: Create a username
- Password: Set a password
Click Add to create.
Method 2: Manual .htaccess Password Protection (Apache)
Create .htpasswd file:
htpasswd -c /home/admin/web/example.com/public_html/admin/.htpasswd usernameCreate .htaccess file in protected directory:
nano /home/admin/web/example.com/public_html/admin/.htaccessAdd:
AuthType Basic
AuthName "Restricted Area"
AuthUserFile /home/admin/web/example.com/public_html/admin/.htpasswd
Require valid-userSet permissions:
chmod 644 /home/admin/web/example.com/public_html/admin/.htpasswdMethod 3: Nginx Password Protection
Generate password file:
echo "username:$(openssl passwd -apr1)" > /etc/nginx/.htpasswd-exampleIn Nginx config, add:
location /admin {
auth_basic "Restricted Area";
auth_basic_user_file /etc/nginx/.htpasswd-example;
}Restart Nginx:
systemctl restart nginxAdd Multiple Users
htpasswd /home/admin/web/example.com/public_html/admin/.htpasswd user2Test Password Protection
Visit the protected URL in browser. You should see a login prompt.
Or via command line:
curl -u username:password https://example.com/admin/✅ Password protected directory has been configured!