Exporting pages to different folders for Password Protecting with HTACCESS

[lex]

Hi MichaelZ,

I am not sure you have the right idea. Naming it private does not make it private (you can name it anything you like), but using htaccess to add password protection gives you controlled access.

It is true that Google and other similar services cannot show the content of a password-protected site to the browsing crowd.

But you can blindfold Google by using a simple trick called ‘robots.txt’ (see https://www.robotstxt.org/robotstxt.html for details). Let's assume you do not care about password protection, but just want to make a site for friends that only a few know about. Then you could use a not obvious path that you email to your friends, and add it to robots.txt so that it does not show up when using Google. Here is how to do it:

your main site is located at: something/,,,/public_html

make a subfolder something/,,,/public_html/private

put the following in robots.txt (placed in the main ‘public_html’ folder):
User-agent: *
Disallow: /private/

The effect is that Google will not record any data that is in your private folder and its subfolders.

Create a difficult path to the actual second private site, e.g. /private/bLthayosaQLfropH

Upload the second site to this location (e.g. www.domain.com/private/bLthayosaQLfropH/index.html)

Then send this address to the selected few (“go to www.domain.com/private/bLthayosaQLfropH for private content”) who can bookmark it and use it easily ever after. The odds are good that outsiders will not stumble on this site.

This avoids password management, and makes life easier if there is not anything to hide. It is not access control, the files are there for everybody to read if they know the difficult path.

Thank you Lex. That would do it. I didn't realize you can upload say 2 index.htm files to the same domain but i guess the only one thing that goes out to the www is what is in public? ie. if someone googles something, the pages under private will not be in the search results? Thanks again Lex.

[MichaelZ]

Thank you Lex. Yes, I realize calling private doesn't make it private but I did think that anything not under public is automatically private. My host does allow assigning users & passwords to folders so once I upload the "private" site to a different folder, I should be able to protect that with designated users. This is for a coin club that would like to now have a members only section. We know who the members are and should be able to assign users/passwords for them. Thank you also for the tip on the adding those lines to the robots.txt file. I should have my problem solved.

[lex]

Hello MichaelZ,

I think you are getting a grasp of this. To sum up, you have one domain, and all that is uploaded under the base address, be it in the main folder (typically www or public_html) or any of its subfolders is public, unless you set up a password scheme for individual files or subfolders (using Control panel or by creating manually an .htaccess file in the main folder).

If you are using passwords, then you can include a link to the private site. If not, then you must keep the real address unknown to the general public, and mention the folder it is under in robots.txt to avoid inclusion in Google search results.

A Xara site is not the same as a domain site. A domain can host multiple Xara sites (projects or sets of files) as long as each of them is in a different subfolder. So you can have
www/index.htm
www/second_site/index.htm
www/third_site/index.htm
etc.

The upload starting points are respectively www, www/second_site, www/third_site etc.

Thank you Lex. Yes, I realize calling private doesn't make it private but I did think that anything not under public is automatically private. My host does allow assigning users & passwords to folders so once I upload the "private" site to a different folder, I should be able to protect that with designated users. This is for a coin club that would like to now have a members only section. We know who the members are and should be able to assign users/passwords for them. Thank you also for the tip on the adding those lines to the robots.txt file. I should have my problem solved.