11-13-2003, 07:27 AM
I'm trying to use .htaccess and .htpasswd to password protect a directory on my server. I've got it to where it will pop up with the box that asks for the un and pass, but no matter what I type in there, it wont accept it. I followed all the instructions on this website: http://wsabstract.com/howto/htaccess3.shtml but it is unclear about exactly what to do.. I'm not entirely sure what all information should go into the .htpasswd file, and exactly how it should be encoded. Any help would be appreciated.
11-13-2003, 11:22 PM
in the password file, you need to have your information formatted like:
There is program that comes with apache (or it should) that you can use for encrypting the passwords. I forget what it is called though.
Be wary of the ones built into some websites, I tried using one and it didn't encrypt it right and I was pulling my hair trying to figure out what was wrong.
If you have shell or telnet access to your server, and it is a nix variant, you can use the CRYPT function to create the passwords...
htpasswd -c /path/to/your/.htpasswd username
this will prompt you to enter a password for 'username' and append the username:password to your htpasswd file. Run man htpasswd at the command line for more info. Depending on your server, you may need to do something along the lines of
/var/www/bin/htpasswd -c /path/to/your/.htpasswd username
The two versions above are the apache version of encrypting, though there is a system version availble on nix variants of just plain old crypt()