{"id":13664737,"url":"https://github.com/chrissy-dev/protected-github-pages","last_synced_at":"2026-02-16T15:38:26.362Z","repository":{"id":60190642,"uuid":"81959790","full_name":"chrissy-dev/protected-github-pages","owner":"chrissy-dev","description":"Password Protection for Static Pages","archived":false,"fork":false,"pushed_at":"2026-01-13T21:51:15.000Z","size":17,"stargazers_count":198,"open_issues_count":3,"forks_count":77,"subscribers_count":0,"default_branch":"master","last_synced_at":"2026-01-13T23:58:25.171Z","etag":null,"topics":["html","jamstack","javascript"],"latest_commit_sha":null,"homepage":"https://chrissy-dev.github.io/protected-github-pages/","language":"HTML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/chrissy-dev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-02-14T15:32:11.000Z","updated_at":"2026-01-13T22:30:03.000Z","dependencies_parsed_at":"2023-01-19T14:47:02.790Z","dependency_job_id":null,"html_url":"https://github.com/chrissy-dev/protected-github-pages","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/chrissy-dev/protected-github-pages","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chrissy-dev%2Fprotected-github-pages","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chrissy-dev%2Fprotected-github-pages/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chrissy-dev%2Fprotected-github-pages/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chrissy-dev%2Fprotected-github-pages/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/chrissy-dev","download_url":"https://codeload.github.com/chrissy-dev/protected-github-pages/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chrissy-dev%2Fprotected-github-pages/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29511872,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-16T09:05:14.864Z","status":"ssl_error","status_checked_at":"2026-02-16T08:55:59.364Z","response_time":115,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["html","jamstack","javascript"],"created_at":"2024-08-02T05:03:06.123Z","updated_at":"2026-02-16T15:38:26.357Z","avatar_url":"https://github.com/chrissy-dev.png","language":"HTML","readme":"# Password Protection for Static Pages\n\nA tiny, zero-configuration password gate for static websites.\n\nThis project provides a lightweight client-side barrier for static hosting platforms such as GitHub Pages, Amazon S3, Dropbox, or any generic file host. It is designed for temporary or low-risk use cases where you want to hide content from casual access without running a server.\n\nIt is intentionally simple, dependency-free, and works as a single HTML file.\n\n## What this is good for\n\nThis project is useful when you need:\n\n- A quick way to hide a static site behind a password\n- No server, no backend, no database\n- No build step or tooling\n- Something you can upload anywhere and forget about\n- A temporary gate for:\n  - Client previews\n  - Staging demos\n  - Internal documentation\n  - Personal pages you do not want indexed\n  - Short-lived or ad-hoc sharing\n\nIt still gets visits because it solves a very specific problem with almost zero setup.\n\n## What this is not\n\nThis is not real authentication and should not be treated as security.\n\nIt does not protect against:\n\n- Determined attackers\n- Brute-force attempts\n- Anyone who already knows or guesses the URL\n- Directory listing on misconfigured hosts\n\nIf you need real access control, use a backend, signed URLs, or platform-level authentication.\n\n\n## How it works\n\n- The password is hashed in the browser using SHA1\n- The hash becomes the folder name\n- The script attempts to load `{hash}/index.html`\n- If the file exists, the user is redirected\n- If it does not exist, access is denied\n\nThere is no server-side logic involved.\n\n\n## Setup\n\n1. Upload `index.html` to the root of your static hosting\n2. Open it in a browser and enter your chosen password\n3. You will see an “incorrect password” message\n4. Copy the value after the `#` in the URL\n5. Create a folder with that exact name\n6. Put the content you want to protect inside it\n\nYour final structure should look like:\n\n```\n├── index.html\n├── background.jpg\n└── this-is-a-hash    # SHA1 hash of your password\n    └── index.html    # your original index document\n```\n\nThat is it.\n\n\n## Demo\n\nLive demo: [chrissy-dev.github.io/protected-github-pages/](https://chrissy-dev.github.io/protected-github-pages/)  \nDemo password: `password`\n\n\n## Things to consider\n\n- If directory listing is enabled, this can be bypassed\n- Anyone with the direct hashed URL can skip the login\n- There is no rate limiting or brute-force protection\n- This is intentionally minimal and unopinionated\n\nTreat it as a speed bump, not a lock.\n\n## Project status\n\n**This is an older project that I no longer actively use, but it remains available because:**\n\n- It still solves a real, narrow problem\n- It has no dependencies or ongoing maintenance burden\n- People still find it useful for temporary setups\n\nThe scope will remain deliberately small.\n\n## Credits\n\nOriginal concept and early implementation inspired by [@matteobrusa](https://github.com/matteobrusa/Password-protection-for-static-pages)\n\n","funding_links":[],"categories":["HTML"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchrissy-dev%2Fprotected-github-pages","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fchrissy-dev%2Fprotected-github-pages","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchrissy-dev%2Fprotected-github-pages/lists"}