Password protect directories

If you want to restrict access to directories on your website, you can use your hosting account’s built-in password protection feature.

 Note: This feature does not offer a typical member login experience like a bank or retail site. Features like that require databases and are much more complex.

To password protect directories

  1. In Plesk, in the area for the domain name’s website you want to use, click Show More.
  2. Click Password-Protected Directories.
  3. Click Add Protected Directory.
  4. Enter the Directory name (starting at the root of your domain name) and the Title of the protected area, and then click OK.

After protecting the directory, you need to add users that can log in to it.

To create users

  1. In the Total Protected directories area, click the name of the directory you want to use.
  2. Click Add New Users.
  3. Complete the on-screen fields, and then click OK.

Now, when browsing to that directory, only visitors that can enter a username and password combination can view its content.

What does it mean to get hacked?

“Hacked” is a term you hear thrown around a lot — especially regarding websites — without much definition.

If your website is hacked, it means a few things:

  • Someone gained access to your account (typically via File Transfer Protocol, a.k.a. FTP). By gaining FTP access, hackers can insert their own code on your site.
  • After gaining access to your site, they put malicious code in it. What the code does depends on the hacker’s objectives.

Because hacking can be extra insidious, sometimes your site can get hacked without you ever realizing it. Other times, hackers will be incredibly ham-fisted and either bring down your site or replace it with an obscene message.

Among the other unpleasant things hackers do to sites:

  • Install viruses on visitor’s computers
  • Redirect visitors to other sites
  • Use your website to attack other websites, bringing them down

Now, unfortunately, there’s no LoJack® for a hijacked website, but there are a few things you can do to make sure you don’t fall victim to a hacker:

  • Use a secure password. This means something better than just tacking a numeral 1 to the end of your first dog’s name. We have information in Keeping Your Hosting/FTP Password Secure.
  • Have your site scanned regularly. A lot of companies offer tools that will go through your site looking for malicious/suspicious-looking code or activity.
  • Update your website’s software. If you use something like WordPress®, keeping your software up-to-date is the difference between your site running smoothly and having a site infested with malware

By being aware of the threat of hackers and taking a few precautions, you can stop your site from harming visitors and other sites around the Internet.