Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Westi on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Restricing access with htaccess

Status
Not open for further replies.
squidster

squidster

Technical User
Oct 13, 2002
55
GB
I am having a bit of a mare getting this to work, it sort of seems to but then it doesn't!?

I have read various articles and the FAQ on this forum but I can't see that I'm doing anything wrong. ([ponder]wouldn't be the first time though!)

I have .htaccess:-

AuthUserFile C:/Apache/bin/.htpasswd
AuthName "Placements"
AuthType Basic

<LIMIT GET POST>
require valid-user
</LIMIT>

(I've also tried this with backslashes)

and .htpasswd (created by running htpasswd -cm .htpasswd username):-

username:$apr1$t40.....$/jbpq51m0DH5WMHcp7oDH.

When I try to access the html files in the restricted folder (the one with .htaccess in) it does not ask for username and password, however if i cahnge the password string in .htpasswd and then try it asks for username and password but obviously fails to authenticate.

This is all on win2k running Apache/1.3.27

 
Sort by date Sort by votes
Verify that .htaccess and .htpasswd are in the correct folders (.htaccess in the protected folder and .htpasswd is where .htaccess says it is).

Make sure the httpd.conf file has these sections of code:

# This controls which options the .htaccess files in directories can
# override. Can also be &quot;All&quot;, or any combination of &quot;Options&quot;, &quot;FileInfo&quot;,
# &quot;AuthConfig&quot;, and &quot;Limit&quot;
#
AllowOverride Authconfig


# AccessFileName: The name of the file to look for in each directory
# for access control information.
#
AccessFileName .htaccess

# Also, folks tend to use names such as .htpasswd for password
# files, so this will protect those as well.
#
<Files ~ &quot;^\.ht&quot;>
Order allow,deny
Deny from all
</Files>


Also, in the .htaccess, enclose the path to ht .htpasswd in double-quotes:

AuthUserFile &quot;C:/Apache/bin/.htpasswd&quot;

I also have this line next, not sure if required:

AuthGroupFile /null



Restart Apache and try again.

To change password, don't edit the encrypted file with a text editor, instead delete the user and re-enter the username and password in encrypted mode.

I don't see anything else wrong.
Newposter
&quot;Good judgment comes from experience. Experience comes from bad judgment.&quot;
 
Upvote 0 Downvote
Thanks it was the &quot;qoutes&quot; on (or rather not on) the AuthUser file path.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Krus1972
  • Locked
  • Question
Rewrite Rule for .htaccess Help
Replies
0
Views
303
Krus1972
Krus1972
harro1968
  • Locked
  • Question
Help with ProxyPass
Replies
0
Views
196
harro1968
harro1968
CecilXavier
  • Locked
  • Question
RHEL IDM with Radius not authenticating
Replies
0
Views
244
CecilXavier
CecilXavier
mjj4golf2
  • Locked
  • Question
Help with setting up a media server
Replies
2
Views
268
vacunita
vacunita
TSch
  • Locked
  • Question
Problem with NFS automount
Replies
1
Views
180
iggsterman
iggsterman

Part and Inventory Search

Sponsor

Back
Top