Guides & Tutorials

Selective Password Protection

Guides & Tutorials

Selective Password Protection

We recognize that one size does not fit all. Sometimes you need to password protect some or all of your deploy previews so that curious minds don't get the jump on your new product or announcement. Let's walk through a way to protect specific deploys on any paid account (password protection is a paid feature).

This example will apply to all deploy previews for branches other than your main branch. So, we'll still build and deploy the main branch and PR's against it as usual with this configuration. If you need to limit it to just some branches but want others unprotected, you should be able to extrapolate this example but if that is problematic please contact support and we can advise further.

You will almost certainly want to adapt this to tooling that you otherwise use (unless you, like me, are a bit old-school and still use make and Makefiles :) )

In this setup, you'll use deploy contexts to perform different behavior on selected deploys, as documented here:

https://www.netlify.com/blog/2016/08/30/introducing-deploy-contexts-in-netlify/

What we're doing: creating an _headers file (see https://docs.netlify.com/routing/headers/ for more info) that we will use only for deploy previews on your specified branches. This will be copied into place for previews (that is, anything not a commit or PR on master), and thereby cause Basic HTTP Authentication to be enforced for the entire site in those previews.

Note that there are 3 different files here. The Makefile directs the build process to do different things depending on which target is selected; the netlify.toml will select the target automatically based on the deploy type (master or not), and the _headers (copied into place from someplace it won't be used accidentally on master!) contains the authentication forcing function.

Makefile:

production:
    middleman contentful && middleman build

deploy_preview:
    middleman contentful && middleman build && cp netlify_headers _site/_headers

netlify.toml:

[context.production]
  command = "make production"
[context.branch-deploy]
  command = "make deploy_preview"

netlify_headers:

/*
        Basic-Auth: login:password

Introducing Account usage insights: Gain a deeper understanding of your Netlify usage

Ritesh Kewlani

April 10, 2024

Tools & Services

Create dynamic digital experiences (with any framework) through Netlify Platform Primitives

April 9, 2024

News & Announcements

Gain better insights into edge caching behavior on Netlify

Marcus Weiner

April 8, 2024

Book cover with the title Deliver web project 10 times faster with Jamstack enterprise

Deliver web projects 10× faster

Get the whitepaper

Selective Password Protection

Selective Password Protection

Keep reading

How to bring your composable website inside the Chinese firewall

Deploy Your Angular v17 Apps to Netlify

Recent posts

Introducing Account usage insights: Gain a deeper understanding of your Netlify usage

Create dynamic digital experiences (with any framework) through Netlify Platform Primitives

Gain better insights into edge caching behavior on Netlify

Deliver web projects 10× faster