Skip to main content
Directory Privacy locks a folder behind a username and password. Anyone trying to open a file in the protected folder gets a browser-native login prompt. cPanel manages the .htpasswd file under the hood. Open it from cPanel home → FilesDirectory Privacy.
Directory Privacy showing folders with Private status and Edit buttons

Lock a folder

1

Browse to the folder

Click into the folder you want to protect. Use the Home button to reset, the folder icons to drill down.
2

Click Edit

Click Edit in the Actions column next to the folder you’re inside.
3

Tick the box and save

Tick Password protect this directory, give it a label (shown to users in the login prompt), and save.
4

Add a user

Below the protect toggle, enter a username and password under Create User. Add as many users as you need. Any of them can log in.

Common uses

  • Staging or /dev/ folders that aren’t ready for public eyes
  • Internal admin folders for tools that don’t have their own login
  • Files you want gated but don’t want to wire up a full app login for

Things to know

  • Protection is HTTP basic auth. Browsers prompt for credentials and remember them per session.
  • Search engines can’t index a protected folder. The auth check fires before crawlers see anything.
  • The .htpasswd file is stored outside the protected folder. Don’t edit it manually unless you know what you’re doing; cPanel can rewrite it on save.
  • Removing protection: revisit the folder, untick Password protect this directory, save.

Need a hand?