PHP Password Protect Alternative To Apache .Htaccess

PHP Alternative To Apache .Htpasswd

Web developers can perform HTTP authentication using PHP. The web server files can be password protected without using Apache’s .htaccess. PHP’s HTTP authentication requires a minimum of version 5.1.

One PHP file can handle the authentication. The PHP header function is is used to request a username and password.

This tutorial uses PHP and an HTTP Server.

    Tools are required:

  • Text editor.
  • Folder for web server.
  • HTTP Server.
  • Browser to view output.

Optional PHP as HTTP Server

In development environmental, PHP can be used as a web server. For more information about PHP Web Server read Ojambo.com PHP Web Development Without Web Server.

Index.php File

A username and password will be requested via the PHP header command. If the authentication fails, then the failure text will display. If authentication is successfully, the protected area message will display.

How to Use:

    Open Browser

  • Enter path (might be IP) of web development folder.
  • Input username and password.
  • Check the output of PHP code.

Demonstration:

Ojambo.com PHP Password Protect Alternative To Apache .Htaccess Tutorial

Image Missing
Ojambo.com PHP Authentication Failure

Image Missing
Ojambo.com PHP Authentication Empty Input Form

Image Missing
Ojambo.com PHP Authentication Filled Input Form

Image Missing
Ojambo.com PHP Authentication Success

Conclusion:

PHP can send authentication requests using the header function. Content can be password protected using PHP as a replacement for Apache’s .htaccess. Web developers can use one PHP file for authentication.

    Recommendations:

  1. Place your PHP code in a specific folder.
  2. Place sensitive files outside the document root of the server.
  3. Let PHP provide sensitive content after successful authentication.