.htpasswd doesn't apply to Cloudflare-protected websites

I want to password protect one of my websites, but the .htaccess files don’t seem to apply to the cloudflare protected websites. Can Cloudflare replicate this feature, or should I change an option?

Hm, weird.

Usually, it has no impact and works fine being served from the origin.

Furthermore, there were users who have had 401 Authorization enabled and we saw it while using Cloudflare and the hostname was proxied :orange:.

Are you sure you have correctly defined the directory path for protection with 401 auth and the is the .htaccess among .htpasswd file path containing correct credentials also located in the needed directory which you want to protect?

Are you sure your Web server supports htacces actually?
Have you checked if it is an Apache / Litespeed or Nginx?

Helpful article:

Another one:

Nevertheless, using Cloudflare, you can create a Firewall Rule to restrict and block all the requests except the one comming from only your IP or your Country to successfully access the Website, while all the others will see an “Access Denied” page.

If interested, below are the articles while you can navigate to Cloudflare Dashboard → Firewall Rules and create one as an example from below:

Example of my statement from above in code expression and picture too:

  • (not ip.src in {my.ip.v4.here}) - just replace my.ip.v4.here with your IP address and make sure the Action is set to “Block

1 Like

Hmm, it seems to just magically work now? I didn’t even change anything! Well, thank you for helping me :man_shrugging:

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.