Home > Help Center > Shared Hosting > Control Panel > cPanel Directory Privacy

cPanel Directory Privacy

In this article, we'll show you how to protect a directory in cPanel.

This feature allows you to protect specific directories in your cPanel account.

If you enable this feature, the system prompts users to log in when they attempt to open a file in the protected folder.

Access to Directory Privacy interface

To activate Directory Privacy feature go to cPanel > Files and click Directory Privacy link:

Directory Privacy link in cPanel

Then navigate to the directory by clicking on the folder icon:

Navigate to the directory in the panel

Clicking on the directory name will open Directory Privacy screen.

Enter a name for the protected directory and click Save:

Enter a name for the protected directory

To remove password protection from a directory, deselect the Password protect this directory checkbox and click Save.

Create an authorized user

To create an authorized user for the selected directory, enter the desired username in the Username text box and enter and confirm the new password in the appropriate text boxes (use the password generator to create a strong password):

Create an authorized user

You can create as many users as you wish and they all will be added in the Authorized Users table below the form:

Table with all Authorized Users

Now enter the domain that is configured to access the protected folder - the site will prompt to enter a username and password.

Enter the site from the protected directory

If you enter the correct credentials you will access the resource - the web page in our example:

Successful authorization in the site

Note: A protected directory's sub-directories inherit their parent directory's password protection. For example, if you want to access hostpulse-addon.com/subdir/file.html the authentication will also be required.

If you can not provide the correct access credentials the server will return an error:

Not authorized message

Remove User

To remove authenticated user select it in the Authorized Users table and click the Delete User button:

Remove authenticated user

A confirmation message will be displayed:

Confirmation message for removing

If you open the protected directory you will notice that cPanel has added a .htaccess file, containing this code:

AuthType Basic
AuthName "privacy-protection"
AuthUserFile "/home/cpaneluser/.htpasswds/public_html/hostpulse-addon.com/passwd"
require valid-user

And if you open the file passwd you will see a list with the authenticated users and their encrypted passwords:

privacyUsr:$apr1$0gamirGo$4dUJivf8qmYnlKjS.hJWy0
newUsr:$apr1$GOKmM711$Wl9wJN6hKj/5vYPLBwD2t0

If you open Directory Privacy screen the padlock icon indicates that Directory Privacy configurations already exist for that directory:

A padlock icon indicates the secured directories

Conclusion

Directory Privacy feature enables you to improve the security level of your hosted resources.


In the article, we show how you can protect the root directory of a site in cPanel with a password and how the content of the site can only be accessed when entering correct access data ...

Still not finding what you're looking for?

Contact our support team with any additional questions or concerns.

Contact support