.htaccess on IIS?

Posted on 2007-08-02
Last Modified: 2013-12-13

I have a bunch of PHP websites that are currently hosted on a Linux server that I am trying to "migrate" to a Windows server. Many of the websites make use of .htaccess and .htpasswd to protect folders.

Is there any way I can make this work on IIS - or do I have to re-do all of them?
Question by:psimation
    LVL 48

    Assisted Solution

    IIS does not evaluate a .htaccess file. Guess you have o redo all of them. If you change php-setings via .htaccess, see
    LVL 4

    Assisted Solution

    If you want to set PHP options then, in certain combos of IIS and PHP (although i forget which), placing a php.ini file in each directory that you would have had a .htaccess and settings the dir specific values there will work.

    For htpasswd emulation on IIS you can either muck around creating system user accounts or go check out the freeware
    LVL 17

    Author Comment


    the main "feature" I want to have work is the directory password feature of .htaccess and .htpasswd

    I already stumbled apon the troxo crowd, I sent that link to my ISP to ask them if they would be willing to install it on their servers.

    Do you have any experience with that? Will it "just work" or will there still be "tweaking" involved?
    LVL 4

    Expert Comment

    ah well in that case unless you have RDP access It will probably require your isp to set the password options for each directory for you which may be a pain.

    Another option, which again involves your ISP getting involved, is to ask them to install some form of mod_rewrite for IIS, there are several in existance and I can't recommend any in particular.
    Using that you could rewrite any access to the directory in question to change


    Then in index.php do something along the lines of tgis bit of psuedo code

    $_SESSION['filename'] = $_GET['file'];
    if($_POST['username'] or $_SESSION['validuser']){
          authenticate the username and password
         add session vars to remember they've authenticated for a while to save them loging in again
       check if there is a filename in the session
        send correct MIME header for the file type
        Open the file and send it byte by byte
    } else {
        display login form which posts back to this script
    LVL 5

    Accepted Solution

    Use ISAPI Rewrite for IIS
    you can find it from

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    Suggested Solutions

    Generating table dynamically is the most common issue faced by php developers.... So it seems there is a need of an article that explains the basic concept of generating tables dynamically. It just requires a basic knowledge of html and little maths…
    Deprecated and Headed for the Dustbin By now, you have probably heard that some PHP features, while convenient, can also cause PHP security problems.  This article discusses one of those, called register_globals.  It is a thing you do not want.  …
    The viewer will learn how to dynamically set the form action using jQuery.
    The viewer will learn how to count occurrences of each item in an array.

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now