Drupal Logo

Setting Up Basic Authentication On A Drupal Site Without .htaccess

14th July 2015 - 6 minutes read time

Basic HTTP authentication is a simple authentication mechanism that is used to prevent access to a site or directory on a server. It is by no means the most secure authentication mechanism but it is commonly used on staging sites in order to prevent unwanted access. This is a good way of preventing search engine bots from spidering the staging site, which is undesirable as it can cause staging site pages appearing in search engines results.

The usual route to set this up is to create a .htaccess that sets up the authentication and references a .htpasswd file to create the username and password details. This can mean editing the .htaccess file in order to setup the password correctly. Unfortunately, this creates a .htaccess file that shouldn't be added to the repository as it would mean that the live site would also be password protected when the code is deployed.

Read the full article