...

View Full Version : .htpasswd problem



Billyhunt
02-02-2004, 10:50 PM
I've the horrible feeling that I am beyond help here :(
I've read through other threads on problems with .htaccess followed posted guides to the letter but still I have the same problem. :(

I've htaccess password protected a folder on my site.
Everything worked fine until I went back to my homepage at the root of the directory and was promptly requested to enter the password this seems to happen with just index.html and index.php
The password doesn't have to be entered the window can just be closed and users can carry on to the rest of the site :confused:
I tried putting a blank .htaccess file into the root but that didn't make a difference

heres my .htaccess file if needed as I said it does work on the folder

AuthUserFile my/full/server/path/myfolder/.htpasswd
AuthGroupFile /dev/null
AuthName EnterPassword
AuthType Basic
require user myusername

I placed the .htpasswd file into the same folder

I saw a thread where they used

<Directory /server/path/folder>
AuthUserFile my/full/server/path/myfolder/.htpasswd
AuthGroupFile /dev/null
AuthName EnterPassword
AuthType Basic
require user myusername
</Directory>

So I tried that which did remove the password request from the root but it just came up with an error when I tried to access the passworded folder :(

Billyhunt
02-03-2004, 12:32 AM
Sorted it by passwording a folder within another folder :)

Billyhunt
02-03-2004, 01:07 AM
Cancel that last comment :o
Don't you just love these Newbies who haven't a clue :D

Right I know what the problem is now
On my index pages I've inserted a php tracker to track visitors and to see who the referrer was.
I tried to password protect the folder where all the information was stored and where I could view it.
But the script is bringing up the .htaccess password window as it's accessing the passworded folder

Any solutions? :)

Spookster
02-03-2004, 06:21 AM
What you might be able to do is in your php tracker add the login information for that directory. Find in the code where the tracker software is accessing that directory and use an absolute path instead of the relative path it is probably using and include the login on the front of it. Like so:

http://username:password@www.yourdomain.com/protecteddirectory/file.php

Billyhunt
02-03-2004, 11:54 AM
I was thinking something along those lines but the only problem is when I view the source of the web page it shows all the information of the javascript that calls the PHP functions so my password would be quite easy to get .
I'm beginning to think it might be easier to use a different tracker.
The thing I liked about this tracker was that it used a gif image to track so I could easily track HTML pages as well as php pages but it's just not secure enough.

Billyhunt
02-03-2004, 12:45 PM
Don't hold your breath but I think I've done it :D

I moved the the PHP script that was called from the index page.
Then edited that PHP script to write the results to a different folder which I have passworded and it seems to be working :D

[very smug] Right what can I do now? :D

Spookster
02-03-2004, 08:08 PM
Originally posted by Billyhunt
I was thinking something along those lines but the only problem is when I view the source of the web page it shows all the information of the javascript that calls the PHP functions so my password would be quite easy to get .
I'm beginning to think it might be easier to use a different tracker.
The thing I liked about this tracker was that it used a gif image to track so I could easily track HTML pages as well as php pages but it's just not secure enough.

I don't think you understood what I said because PHP source code is not sent to the browser so people would not be able to view the login.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum