I am designing a website and for the first time I need to add password protection to certain pages e.g. John Dough needs to have the password to access jdough.html . I was looking online and I see a lot of references to .htaccess . Is that still the standard way to add password protection? Are there better (& standard) ways to do this in 2015? And I am planning on taking the person’s password, add a seed and hash it with RSA256 and store THAT as the password so I don’t know if that makes a difference.
In Apache, the preferred approach is to set the access rules in configuration files, if possible.
https://docs.oracle.com/cd/B14099_19/web.1012/q20206/howto/htaccess.html#when
However, in many cases you may not have access to those files. This is when you have to rely on .htaccess.