======================================= How to get .htaccess to work in Windows ======================================= A number of other websites have tutorials on .htaccess under windows, but they leave out an important step that needs to be accomplished (at least on the Apache version that I installed): Changing AllowOverride None to AllowOverride All in httpd.conf for the applicable directories. Without this small step, no box will pop up. No password prompt will even appear. Assuming, however, that you haven't gotten that far, here's a step by step for the whole process, assuming you just want to password protect htdocs... ------------------- 1. Create .htpasswd ------------------- Bring up a command prompt with cmd or command.com (Run, cmd). Type, or paste in (via right-click) the following commands: cd C:\Program Files\Apache Group\Apache2\bin htpasswd -cb ../htdocs/.htpasswd username password This will create an MD5 encoded .htpasswd file that should look something like this: username:$apr1$RO0.....$x2bCcfOl0gFFFFKdPSeuu/ ------------------- 2. Create .htaccess ------------------- Open notepad and paste in the appropriate text. Here's a sample: AuthType Basic AuthName "Restricted Access" AuthUserFile "C:\Program Files\Apache Group\Apache2\htdocs\.htpasswd" Make sure you change the "Save as type:" to "All files" and go ahead and save it as .htaccess (in the directory htdocs). ----------------------- 3. Change AllowOverride ----------------------- In httpd.conf, you'll need to change the AllowOverride to All for any directories that you wish to use .htaccess with. For the defaut configuration, find "# AllowOverride controls" and change the text four lines down from None to All. ==== NOTE If you have an enormous hosts file with everything pointing to 127.0.0.1, you end up getting prompted everytime you aim your browser much of anywhere these days, so you may want to try having an .htaccess consisting solely of something like this: AuthType Basic AuthName "Restricted Area" AuthUserFile "C:\Program Files\Apache Group\Apache2\htdocs\.htpasswd" require valid-user ==== --illuzion