Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

.htacess and .htpassword 1

Status
Not open for further replies.
mrbusy

mrbusy

Technical User
Dec 10, 2003
118
Im in the process of trying to password protect a directory on a our website using .htaccess and .htpassword. I should say that Im strictly a Windows admin and Im having a little trouble getting to grips with doing this.

Our ISP, who allow but dont support password protection, have Apache/1.3.29 presumably running on UNIX. I dont have any access to the box or any logs, so Im not sure if what Im doing is very wrong or just needs tweaking to work.

I have uploaded .htaccess with the following content:
AuthUserFile .htpasswd
AuthName "Webstats"
AuthType Basic

<Limit GET>
require valid-user
</Limit>

And .htpassword with the following in it:
admin:a.ekGncek/jVg

The directory Im trying to access is a subdirectory of the top level of our FTP access and is called secure. I uploaded the files to the secure directory. When I try to access it though a web browser I do get a password prompt come up but it doesnt work.

I used a couple of different online .htpassword generators to make the password file, but I dont really know what Im looking at. They all seem to generate a different output and none have worked when I upload the file.

Can anyone tell me where Im going wrong?
 
Sort by date Sort by votes
I'm in a similar circumstance: but i've managed to sort myself out by using the following information.

- i read it's best to have your .htpasswd file in a secure, non location, above the htdocs/ folder (making the first line 'AuthUserFile ../.htpasswd')

- it's best to use the "htpasswd.exe" program in apache2\bin\ folder to generate passwords, because most online generators use CRYPT/SHA or something that's for unix/linux, whereas windows apache wants MD5 encryption.
i used this command: "htpasswd ..\.htpasswd username" to create the file (you can keep running this command with different usernames to add users).

good luck
 
Upvote 0 Downvote
I used the htpasswd.exe program and tried running it with various switches go generate MD5 and SHA encrypted files.

I also noticed that I had spelt the name of the htpasswd file wrong in htaccess but have rectified this.

It still doesnt work.

When I upload the htaccess and htpasswd file using my FTP client the files disappear. I assumed this is becuase they are system(?) files, or something like that and ignored it, but could this be symtomatic of the problem Im having?
 
Upvote 0 Downvote
upload them as htaccess.txt and htpasspasswd.txt and rename them once uploaded to the correct .htaccess and .htpasswd

make sure the path to the htpasswd file is correct in the htaccess or the password will not register giving a user not found response in the logs causing the user to be prompted again.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SamBones
  • Locked
  • Question
CentOS 7 and Putty
Replies
2
Views
203
SamBones
SamBones
KannaChan
  • Locked
  • Question
TLS1.2 and TLS1.0 proxy in same Virtualhost
Replies
1
Views
183
ChrisHirst
ChrisHirst
macrun95
  • Locked
  • Question
I had a cifs mount blow up and now
Replies
0
Views
90
macrun95
macrun95
eliogabalus
  • Locked
  • Question
apache and IP oddities
Replies
0
Views
111
eliogabalus
eliogabalus
ady2012
  • Locked
  • Question
I had 2 text files and same contain
Replies
5
Views
160
ady2012
ady2012

Part and Inventory Search

Sponsor

Back
Top