Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6
  1. #1
    New to the CF scene
    Join Date
    Feb 2006
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts

    .htaccess redirects 401 to Error Doc.

    Thanks, in advance for ANY help or thoughts.

    I have for quite a while been password protecting my Wholesale site. As long as I don't try to Tract, Stop, or get informed of bad attempts. The code works fine.

    The .htaccess file is:

    AuthUserFile /home/users/web/b1488/hy.nunyetbut/cgi-bin/amlite/upinfo/.htpasswd
    AuthName "Micapache Volume Discount/Wholesale"
    AuthType Basic

    DirectoryIndex wtermsp.htm

    Options +Indexes

    require valid-user

    Works fine.

    The second part of this particular script is intended to assist the user with lost password retrieval and inform me of any abuse. It also will block anyone from making more than 3 bad attempts and inform me of the abusing addy.

    To add this script, the new .htaccess is:


    AuthUserFile /home/users/web/b1488/hy.nunyetbut/cgi-bin/amlite/upinfo/.htpasswd
    AuthName "Micapache Volume Discount/Wholesale"
    AuthType Basic

    Options +Indexes

    DirectoryIndex wtermsp.htm

    require valid-user

    ErrorDocument 401 /cgi-bin/amlite/unauthorized.pl?/home/users/web/b1488/hy.nunyetbut/discwhole/.htaccess
    ErrorDocument 403 /cgi-bin/amlite/blocked.pl?/home/users/web/b1488/hy.nunyetbut/discwhole/.htaccess

    The problem is that this .htaccess file causes the server to not send a 401 request but to send the 401 Error doc. More specificly my unauthorized.pl and not the usual 401 username/password screen.

    My host won't help as this is not their script. The Host Server is now using Apache 1.3.3 and RedHat 7.3 and 9.0.

    I just can not figure WHY the server does not send the Request before it goes to the error doc.

    Any ideas or help would be really appreciated.

  • #2
    raf
    raf is offline
    Master Coder
    Join Date
    Jul 2002
    Posts
    6,589
    Thanks
    0
    Thanked 0 Times in 0 Posts
    welcome here!

    i fail to see what this has got to do with php ...
    Posting guidelines I use to see if I will spend time to answer your question : http://www.catb.org/~esr/faqs/smart-questions.html

  • #3
    New to the CF scene
    Join Date
    Feb 2006
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Thanks.!

    I have The same reaction. I spent a week researching Apache and password protection in an effort to find what the script could be doing to the server that would cause it to not follow normal processes and came up empty. I tried to get the Techs with my Host to tell me why the servers are doing this and they tell me that it is in my script. But as you say perl isn't the problem. I agree.

    I am at my wits end and I guess I didn't ask the right guestion in the right place. So I need to know WHERE to ask and WHO to ask.

    Thanks for your time and efforts.

  • #4
    raf
    raf is offline
    Master Coder
    Join Date
    Jul 2002
    Posts
    6,589
    Thanks
    0
    Thanked 0 Times in 0 Posts
    well, i'm probably not the best one to answer this, but since noone steps in: don't use .htaccess if you can avoid it --> take a look at the "When (not) to use .htaccess files" section at http://httpd.apache.org/docs/2.0/howto/htaccess.html
    I never needed to use it.

    So: why do you use .htaccess for your authentication? Can't you use a simple php-script?
    Posting guidelines I use to see if I will spend time to answer your question : http://www.catb.org/~esr/faqs/smart-questions.html

  • #5
    New to the CF scene
    Join Date
    Feb 2006
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Many Thanks

    I do not have server access, as I am just a Hosted site. But your redirect made me do more research in the .htaccess file and its requirements on Apache 1.3.3. I discovered that with this upgrade the server required the use of AuthGroupFile directive. I then went to my .htaccess and added the line AuthGroupFile /dev/null, which told the server that the .htpasswd file was all that was needed. It now works.

    Thanks again. Simple solution for an annoying problem.

  • #6
    raf
    raf is offline
    Master Coder
    Join Date
    Jul 2002
    Posts
    6,589
    Thanks
    0
    Thanked 0 Times in 0 Posts
    glad you got it working.
    Posting guidelines I use to see if I will spend time to answer your question : http://www.catb.org/~esr/faqs/smart-questions.html


  •  

    LinkBacks (?)


    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •