Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6
  1. #1
    New to the CF scene
    Join Date
    Feb 2003
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts

    .htaccess password protection

    Hi,
    I'm having problems with the password protection on a directory using .htaccess.
    I've created a password file .htpasswd and put in a line of the form:

    username:encryptedpassword

    then in my .htaccess file I've added the following lines:

    AuthType Basic
    AuthName "Locked Area"
    AuthUserFile /<absolute_path_to_my_password_file>/.htpasswd
    require valid-user

    However, when I try and access the directory using the correct username/password it is rejected as invalid. (I've tried several different password encryption programs).
    Any ideas?

    Thanks a lot,
    Alison

  • #2
    Supreme Overlord Spookster's Avatar
    Join Date
    May 2002
    Location
    Marion, IA USA
    Posts
    6,273
    Thanks
    4
    Thanked 83 Times in 82 Posts
    Spookster
    CodingForums Supreme Overlord
    All Hail Spookster

  • #3
    New to the CF scene
    Join Date
    Feb 2003
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thanks , but I've already looked at that code guide and others. I think I have done it correctly (at least according to those guides I have), but there is something else that is causing it not to work, e.g. file permissions, or something in Apache that needs to be set. The files are all owned by the same user and all users have read permissions. I just wondered if there was something else that I should've set that isn't mentioned in the guides.

  • #4
    New Coder
    Join Date
    Jan 2003
    Posts
    60
    Thanks
    0
    Thanked 0 Times in 0 Posts
    there's a couple of syntactical errors in your post, maybe also in you file if you didnt copy and paste.

    it should looks like this :
    (a *working* example)
    Code:
    Authname "Secure Area"
    Authtype Basic
    AuthUserFile /abs path to file/.htpasswd
    AuthGroupFile /dev/null       /* this can be ommitted 
    
    <Limit GET POST>
    	require valid-user
    </Limit>
    look at the case of Authtype and you also dont have method for authentication

    also both .htaccess & .htpasswd need to be in the directory you are protecting unless path specifies otherwise and CHMOD 644 both of them.

    htaccess is a '*nix thing' not an 'apache thing' and if you are getting login errors its in your file that is the prob.

    the above code is an exact copy of my file
    (with some ommissions for groups and custom access and the like)

    BTW i have a perl script that will generate both these files for you from the directory you wish to protect if that will help

    hope this helps


    g00fy
    Last edited by g00fy; 03-05-2003 at 09:49 AM.

  • #5
    New to the CF scene
    Join Date
    Feb 2003
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thanks Goofy,

    I think the problem was that the correct permissions were not set up in the apache conf files. Anyway, I ended up putting this entry into access.conf


    <Directory /home/sites/<mysite>/web/admin>
    DirectoryIndex index.php
    AuthType Basic
    AuthName "Secure Area"
    #Path to file containing username/password for user validation
    AuthUserFile /home/sites/<mysite>/users/<username>/private/.htpasswd
    #This will allow access to any valid username/password combination found in the
    password file
    require valid-user
    </Directory>

    And this worked ok. It's also apparently faster to do it this way as all the .htaccess files are not searched every time the directory is accessed.

    Alison

  • #6
    New Coder
    Join Date
    Jan 2003
    Posts
    60
    Thanks
    0
    Thanked 0 Times in 0 Posts


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •