=======================================
How to get .htaccess to work in Windows
=======================================
A number of other websites have tutorials on .htaccess under windows,
but they leave out an important step that needs to be accomplished
(at least on the Apache version that I installed):
Changing AllowOverride None to AllowOverride All
in httpd.conf for the applicable directories.
Without this small step, no box will pop up. No password prompt
will even appear.
Assuming, however, that you haven't gotten that far, here's a
step by step for the whole process, assuming you just want
to password protect htdocs...
-------------------
1. Create .htpasswd
-------------------
Bring up a command prompt with cmd or command.com (Run, cmd).
Type, or paste in (via right-click) the following commands:
cd C:\Program Files\Apache Group\Apache2\bin
htpasswd -cb ../htdocs/.htpasswd username password
This will create an MD5 encoded .htpasswd file that should
look something like this:
username:$apr1$RO0.....$x2bCcfOl0gFFFFKdPSeuu/
-------------------
2. Create .htaccess
-------------------
Open notepad and paste in the appropriate text. Here's a sample:
AuthType Basic
AuthName "Restricted Access"
AuthUserFile "C:\Program Files\Apache Group\Apache2\htdocs\.htpasswd"
order deny,allow
deny from all
Make sure you change the "Save as type:" to "All files" and go
ahead and save it as .htaccess (in the directory htdocs).
-----------------------
3. Change AllowOverride
-----------------------
In httpd.conf, you'll need to change the AllowOverride to All for
any directories that you wish to use .htaccess with. For the
defaut configuration, find "# AllowOverride controls" and change
the text four lines down from None to All.
====
NOTE
If you have an enormous hosts file with everything pointing to
127.0.0.1, you end up getting prompted everytime you aim your browser
much of anywhere these days, so you may want to try having an
.htaccess consisting solely of something like this:
order deny,allow
deny from all
<--still trying to figure this out!!
AuthType Basic
AuthName "Restricted Area"
AuthUserFile "C:\Program Files\Apache Group\Apache2\htdocs\.htpasswd"
require valid-user
====
--illuzion