Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

.htaccess not encrypting?

Status
Not open for further replies.
Mors78

Mors78

Technical User
May 20, 2002
8
GB
Hi,
I have apache installed on my windows box (i know thats bad but i'm playing) I'm trying to use .htaccess to protect my dir's but I've run into a problem. I create the .htaccess file and .htpasswd file as normal but when i try and log in it refused my password, so, after some playing, I found out that if I type in my encrypted password from the .htpasswd file then it lets me through ??!!

So, if my user name and password of mors/mors look like this in the .htpasswd file
mors:gr53454pft (for example)

At the login screen I try mors/mors, but it doesn't let me in, but if I try mors/gr53454pft then it does??

What am I doing wrong?? Why is it not enrypting it??

Any help appreciated.

Mors

 
Sort by date Sort by votes
What version of Apache and Windows? I run Apache 1.3.2 on Windows 2K Pro very well - there's no problem doing this.

Did you use .htpasswd.exe to create your password file, or did you just save a text file using Notepad or some such editor? Please provide more details as to how you created .htaccess and .htpasswd, and the .htaccess file would help us help you, also. Newposter
"Good judgment comes from experience. Experience comes from bad judgment."
 
Upvote 0 Downvote
I'm running 1.3.2 aswell. I used the .htpasswd.exe to create the password file and everything seems to go ok in the .htaccess file aswell, I created that with ultra edit.
It just doesn't seem to unencrypt the .htpasswd file when it reads it. Here's my .htaccess file:

AuthUserFile /phpdev/
AuthName "Mors Board authenticate"
AuthType Basic

require valid-user




Any idea's??

Mors
 
Upvote 0 Downvote
I actually did not encrypt my password file, and was just contemplating doing so for better security. So the .htaccess routine works well for me in Win32 with a straight text password file. Now you've got me wondering if encryption does not work in Win32, even though it is supposed to. Any comments, especially from wullie? Newposter
"Good judgment comes from experience. Experience comes from bad judgment."
 
Upvote 0 Downvote
Hi Guys,

Encryption does work on Windows but I had to use a different encryption than the windows default.

After you call the htpasswd app, type the following using your own user and pass.

htpasswd -cmb .htpasswd username password

If you have any problems with this, check your error logs and if there are any errors there, post them here.

Hope this helps Wullie

 
Upvote 0 Downvote
Wullie, thanks for your reply, but when I type in the command you put in above using the cmb switch etc it does nothing but just repeat the options that go with the .exe if yo were to type "htpasswd" alone. e.g:


C:\phpdev\ -cmb .htpasswd mors mors
Usage: htpasswd [-(c|d)] <passwdfile> <username>
-c: Create password file if it doesn't exist
-d: Delete the specified user


Also, I have checked my error log and it reports this when I try to log in and it wont allow me because it will only accept a raw password:

[Fri May 31 22:05:28 2002] [error] [client xxx.xxx.xxx.xxx] user mors: authentication failure for &quot;/&quot;: password mismatch



Any ideas??

Thanks

Mors
 
Upvote 0 Downvote
A few things to check here:

1) If you use the -c switch, you must not already have the existing .htpasswd file in that directory. -c creates a new one.

2) I find the -cmb options listed when I do an htpasswd command. -m forces the MD5 format encryption that is supposed to work with Windows. -b uses the password from the command line rather than prompting for it when creating the user. Do you see the full list of options?

It did create the file as requested for me, and the password is encrypted. Newposter
&quot;Good judgment comes from experience. Experience comes from bad judgment.&quot;
 
Upvote 0 Downvote
Thanks for the help but I've I worked out what had caused my problems-because i'm new to apache, I din't know there was a version of the file in apache\bin, so I downloaded a vers off the net, and it only allowed a couple of switches-must have been an old one.
It now recognises its a windows password and converts it accordingly.
-All's working now.

Thanks for your help

Mors
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Krus1972
  • Locked
  • Question
Rewrite Rule for .htaccess Help
Replies
0
Views
245
Krus1972
Krus1972
hobbytech
  • Locked
  • Question
Internet not connecting
Replies
5
Views
314
Stephen_Hawk
Stephen_Hawk
CecilXavier
  • Locked
  • Question
RHEL IDM with Radius not authenticating
Replies
0
Views
194
CecilXavier
CecilXavier
tyutghf
  • Locked
  • Question
htaccess password protect website
Replies
1
Views
120
feherke
feherke
kurio71
  • Locked
  • Question
Favicons not Working after Redirection 1
Replies
7
Views
243
ChrisHirst
ChrisHirst

Part and Inventory Search

Sponsor

Back
Top