Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    Regular Coder
    Join Date
    Sep 2002
    Posts
    157
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Thumbs down problems with htaccess and password protection

    hello
    im having a really annoying problem with htaccess and my site.
    NO login box comes up or anything.
    im trying to make a password protected directory for my 'clan game website':

    http://www.improfane.pwp.blueyonder.co.uk/rag/

    the supposed to be protected page is:
    http://www.improfane.pwp.blueyonder.co.uk/rag/members/

    inside the directory at:
    http://www.improfane.pwp.blueyonder.co.uk/rag/members/

    i have index.html, .htpasswd and .htaccess

    whenever i try go to the member's directory the page will always goes to the othererror page as this is
    ErrorDocument 403 inside the htaccess file at:

    http://www.improfane.pwp.blueyonder.co.uk/rag/

    i STILL CANT get it to work.

    here the contents of htaccess in
    the main page:
    Code:
    ErrorDocument 403 http://improfane.pwp.blueyonder.co.u...othererror.htm
    #Forbidden Area (no access)
    
    ErrorDocument 404 http://improfane.pwp.blueyonder.co.uk/rag/error404.htm
    #Page not found
    
    ErrorDocument 500 http://improfane.pwp.blueyonder.co.u...othererror.htm
    #Error inside servers
    
    ErrorDocument 401 http://improfane.pwp.blueyonder.co.uk/rag/unauth.htm
    #Incorrect Password
    and heres the contents of the .htaccess in the members directory:

    Code:
    <Directory /htdocs/rag/members/>
    AuthUserFile "/htdocs/rag/members/.htpasswd"
    AuthGroupFile /dev/null
    AuthName "test"
    AuthType Basic
    require valid-user
    </Directory>
    My ISP tells me this about htaccess:
    http://help.blueyonder.co.uk/html/web/htaccess.shtml
    ive tried following it, and it dont seem to work for me.
    ive also followed javascriptkit/wbstraction site and tried their guide, no success.

    i think it may have somthing to do with CHMOD, what are the CHMOD things should be htpasswd/passwd file and the htaccess and the member directory?

    please help :P
    Last edited by vkidv; 12-21-2003 at 12:35 PM.
    Regards
    VKiDV

  • #2
    New Coder
    Join Date
    Aug 2003
    Location
    Atlanta, Georgia
    Posts
    75
    Thanks
    0
    Thanked 0 Times in 0 Posts

    htaccess article

    I wrote this some time ago. I am not a guru on the subject, but have used htaccess a little bit. It is easy to use. I dont see what is wrong, except for a few differences in yours versus mine, but I am not sure of the absolute requirements. Check out the article, and let me know if it helps. You can view it at:

    http://www.tdavisconsulting.com/htaccess.html

    Thanks,
    Tony Davis

  • #3
    Regular Coder Feyd's Avatar
    Join Date
    May 2002
    Location
    Los Angeles, CA Maxim: Subvert Society
    Posts
    404
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Strange that your host tells you to use FQDNs for your error redirects, that isn't very common (usually the redirects are relative to the root directory).

    You don't need to enclose your path to htpasswd in quotes, what I mean is that you shouldn't need to, though it looks like your host has some interesting tweaks setup, so perhaps you do need to (but it isn't common).

    You also do not technically need to enclose your password protection commands in the directory block. You should simply be able to remove <directory blah bla> and the closing directory and have it work, the only reason you might need it is if you want that htaccess to be your global htaccecss. But in order to avoid password protecting the entire site, you would use the DIRECTORY block to say only password protect this area, not the entire site. The easy workaround is to upload an htaccess with just your password prorection (no directory) into your members area.

    Also, you are storing your htpasswd file in a publicly accessible area...this is bad. That password file can be gotten to and sniffed. You need to always (if possible) place your htpasswd in a non-web accessible directory (above your root or www or html or htdocs directory).

    Are you sure you have the correct path to your htpasswd file? With some virtual hosts, the path to the file can be slightly different than what it appears.

    Technically, nothing is wrong with your htaccess, if there was a problem with it, you'd more than likely get a 500 error. Not being able to find your htpasswd file at the location you specified can sometimes cause a 403 error, and sometimes cause a 500 error. It depends on the server.

    It should be working, though there are a few curious items (as I mentioned)...it is odd, though. Try removing the directory enclosing, as I indicated, and remove the quotes from your htpasswd path. Also just double check you have the correct path to your htpasswd file.

    http://javascriptkit.com/howto/htaccess3.shtml
    Moderator, Perl/CGI Forum
    shadowstorm.net - subvert society


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •