University Systems help centre

Restrict access to your website: Windows

By default, UVic web spaces are visible to the public. For security reasons, you may want to restrict access to your personal website.

There are two restriction types:

  1. Only allow users with a valid NetLink ID to access your site.
  2. Only allow users with particular NetLink IDs to access your site.
  3. Only allow users with a particular, non-NetLink ID username to access your site.

These restrictions will make an authentication box appear when visitors navigate to your website (the appearance may differ depending on your web browser).

Entry fields for Netlink ID and Passphrase

Only allow users with a valid NetLink ID to access your site

1. Open a text editing application, such as Notepad or TextEdit.

2. Type the following text (as it appears in the image below): 

Text file for restricting access to UVic Netlink IDs

  • You may change the text Restricted to UVic NetLink to anything you wish to appear in the login dialogue.

3. Save your file as .htaccess. For the Save as type, select All Files.

4. Upload the file (using an SFTP client) to the folder that you wish to protect. All subfolders will be protected. If you wish to protect your entire site, upload the file to the www folder.

5. File permissions to .htaccess should allow read access to all users.

Cyberduck Get Info

set file permissions

6. To remove or change access restrictions, delete or edit your .htaccess file.

Only allow users with particular NetLink IDs to access your site

1. Open a text editing application, such as Notepad or TextEdit.

2. Type the following text (as it appears in the image below): 

Text file for restricting access to specific UVic Netlink IDs

  • Instead of typing NetLinkA NetLinkB and NetLinkC, type the NetLink ID(s) that may access your site.
  • You may change the text Restricted to UVic NetLink to anything you wish to appear in the login dialogue.

3. Save your file as .htaccess. For the Save as type, select All Files.

4. Upload the file (using an SFTP client) to the folder that you wish to protect. All subfolders will be protected. If you wish to protect your entire site, upload the file to the www folder.

5. File permissions to .htaccess should allow read access. 

Cyberduck Get Info

set file permissions

6. To remove to change access restrictions, delete or edit your .htaccess file.

Only allow users with a particular, non-NetLink ID username to access your site.

Part 1: Create your .htpasswd file

1. Go to https://studentweb.uvic.ca/htpasswd-generator/.

2. Type in the username and password you wish to provide access to your website, and click the Add User button. 

create hashed password

3. Open a text editing application, such as Notepad, and copy and paste the line of text generated into your text file.

copying hashed password

4. Repeat Steps 2-4 with any usernames you would like to have access, adding each on a new line of the text file.

.htpasswd file format

5. Save your file as .htpasswd. For the Save as type, select All Files.

6. Upload the file (using an SFTP client) to the data folder.

Part 2: Create your .htaccess file

1. Open a text editing application, such as Notepad.

2. Type the following text (as it appears in the image below): 

.htpasswd file format

  • Instead of NetlinkID in AuthUserFile use your own Netlink ID.
  • Instead of typing UsernameA UsernameB and UsernameC, type the Username(s) that may access your site.
  • You may change the text Restricted to Username to anything you wish to appear in the login dialogue.

3. Save your file as .htaccess. For the Save as type, select All Files.

4. Upload the file (using an SFTP client) to the folder that you wish to protect. All subfolders will be protected. If you wish to protect your entire site, upload the file to the www folder.

5. Check the permissions to .htaccess. They should be set to 740 to allow read access. To view the file, click on View-> Show Hidden Files. Select the file and click Get Info -> Permissions

Cyberduck Get Info

.htaccess unix permissions

6. To remove or change access restrictions, delete or edit your .htaccess file.