...

View Full Version : .htaccess redirects 401 to Error Doc.



nunyetbutsoonma
02-10-2006, 10:31 PM
Thanks, in advance for ANY help or thoughts.

I have for quite a while been password protecting my Wholesale site. As long as I don't try to Tract, Stop, or get informed of bad attempts. The code works fine.

The .htaccess file is:

AuthUserFile /home/users/web/b1488/hy.nunyetbut/cgi-bin/amlite/upinfo/.htpasswd
AuthName "Micapache Volume Discount/Wholesale"
AuthType Basic

DirectoryIndex wtermsp.htm

Options +Indexes

require valid-user

Works fine.

The second part of this particular script is intended to assist the user with lost password retrieval and inform me of any abuse. It also will block anyone from making more than 3 bad attempts and inform me of the abusing addy.

To add this script, the new .htaccess is:


AuthUserFile /home/users/web/b1488/hy.nunyetbut/cgi-bin/amlite/upinfo/.htpasswd
AuthName "Micapache Volume Discount/Wholesale"
AuthType Basic

Options +Indexes

DirectoryIndex wtermsp.htm

require valid-user

ErrorDocument 401 /cgi-bin/amlite/unauthorized.pl?/home/users/web/b1488/hy.nunyetbut/discwhole/.htaccess
ErrorDocument 403 /cgi-bin/amlite/blocked.pl?/home/users/web/b1488/hy.nunyetbut/discwhole/.htaccess

The problem is that this .htaccess file causes the server to not send a 401 request but to send the 401 Error doc. More specificly my unauthorized.pl and not the usual 401 username/password screen.

My host won't help as this is not their script. The Host Server is now using Apache 1.3.3 and RedHat 7.3 and 9.0.

I just can not figure WHY the server does not send the Request before it goes to the error doc.

Any ideas or help would be really appreciated.

raf
02-11-2006, 02:46 PM
welcome here!

i fail to see what this has got to do with php ...

nunyetbutsoonma
02-11-2006, 04:33 PM
I have The same reaction. I spent a week researching Apache and password protection in an effort to find what the script could be doing to the server that would cause it to not follow normal processes and came up empty. I tried to get the Techs with my Host to tell me why the servers are doing this and they tell me that it is in my script. But as you say perl isn't the problem. I agree.

I am at my wits end and I guess I didn't ask the right guestion in the right place. So I need to know WHERE to ask and WHO to ask.

Thanks for your time and efforts.

raf
02-12-2006, 11:33 AM
well, i'm probably not the best one to answer this, but since noone steps in: don't use .htaccess if you can avoid it --> take a look at the "When (not) to use .htaccess files" section at http://httpd.apache.org/docs/2.0/howto/htaccess.html
I never needed to use it.

So: why do you use .htaccess for your authentication? Can't you use a simple php-script?

nunyetbutsoonma
02-12-2006, 07:08 PM
I do not have server access, as I am just a Hosted site. But your redirect made me do more research in the .htaccess file and its requirements on Apache 1.3.3. I discovered that with this upgrade the server required the use of AuthGroupFile directive. I then went to my .htaccess and added the line AuthGroupFile /dev/null, which told the server that the .htpasswd file was all that was needed. It now works.

Thanks again. Simple solution for an annoying problem.

raf
02-12-2006, 09:00 PM
glad you got it working.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum