.htaccess, help the confused newbie

[Lazerousz]

I have followed the instructions in the faq and the instructions from apache, and I have gotten the password prompt to load, but it is still telling me:

[Wed Jun 15 18:54:57 2005] [error] [client 69.204.6.50] user lazerousz not found: /Negaworks/Documents/

This is dislayed in the error log even though I have the file created using htpasswd, I've tried it many times in MD5 format and in plaintext with the same type of result.

 

[Wishdiak]

Lazerousz,

What does your .htaccess file look like? It should have, at least

AuthType Basic
AuthUserFile /path/to/your/htpasswd
Require user username

See

http://httpd.apache.org/docs/howto/auth.html

(for 1.x) or

http://httpd.apache.org/docs-2.0/howto/auth.html

(for 2.x).

Wishdiak
A+, Network+, Security+, MCSA: Security 2003

http://www.wishdiak.com

 

[Lazerousz]

AuthUserFile /bin
AuthGroupFile /dev/null
AuthName "Restricted Area"
AuthType Basic

<Limit GET POST>
require valid-user
</limit>

Is what it is currently configured as, I've used that configuration as well, but it will still not accept the files

and just using

AuthType Basic
AuthUserFile /path/to/your/htpasswd
Require user lazerousx

gives me a internal server error declaring in the error log that is need the authname

 

[Wishdiak]

Lazerousz,

Did you use the command 'htpasswd -c /path/to/your/htpasswd username'? I'd delete it and recreate using this command.

Also, be sure that the file and directory has the correct permissions for Apache to read it.

Wishdiak
A+, Network+, Security+, MCSA: Security 2003

http://www.wishdiak.com

 

[Lazerousz]

I've tried recreating the htpasswd file. This is just giving me a 500 error. By correct permission do you mean having The AllowOverride set to AuthConfig?

 

[Wishdiak]

Lazerousz,

I was referring to the file and folder permissions for your htpasswd file. In fact, looking at your previous post,
AuthUserFile /bin
should be the path to the file including the file name.

Wishdiak
A+, Network+, Security+, MCSA: Security 2003

http://www.wishdiak.com

 

[Lazerousz]

Currently I am using:

AuthType Basic
AuthName "X"
AuthUserFile "C:/Program Files/Apache Group/Apache2/passwd/.htpasswd"
Require user lazerousz

the .htpasswd files is in that location

This setup will load the password prompt

[Thu Jun 16 17:34:34 2005] [error] [client XX.XXX.X.XX] (OS 2)The system cannot find the file specified. : Could not open password file: C:/Program Files/Apache Group/Apache2/passwd/.htpasswd

[Thu Jun 16 17:34:34 2005] [error] [client XX.XXX.X.XX] user lazerousz not found: /Negaworks/documents/

[Thu Jun 16 17:34:55 2005] [error] [client XX.XXX.X.XX] File does not exist: C:/Program Files/Apache Group/Apache2/htdocs/favicon.ico

 

[Lazerousz]

Alright I have it down to a workable error.

The Apache server cannot access the the htpasswd file in the folder, but I am unsure how to make sure it access the correc access rights.

 

[Lazerousz]

Right...finally got it...five days many errors, thanks for your help, I'm sure I'll be back...

 

[Wishdiak]

Lazerousz,

Was the solution to set the correct permissions on the file "C:/Program Files/Apache Group/Apache2/passwd/.htpasswd"?

Wishdiak
A+, Network+, Security+, MCSA: Security 2003

http://www.wishdiak.com

 

[Lazerousz]

Well after trying the various solutions I ended up first repairing the installation, I think my major issue was an error in creating the .htpasswd, and then I needed to use " and

AuthUserFile "C:/Program Files/Apache Group/Apache2/passwd/ .htpasswd"

placing an extra space after the final forward slasg so that it identified it as a file rather than another folder.

 

[Wishdiak]

Lazerousz,

That's good to know. I installed Apache on Windows a long time ago, but I admit that I'm weak in that area. I don't recall seeing anything in the documentation about needing a space between the path and the file name (in Windows), so I'll know that in case it comes up again.

Many thanks.

Wishdiak
A+, Network+, Security+, MCSA: Security 2003

http://www.wishdiak.com