0

hey guys, would really appreciate if you could help me out.

on my web server, i have created a directory, to which i want password protection.
for that i have created a .htaccess file and saved it in that directory.
Also, i have created a .htpasswd file and saved it in another directory.
I have set authconfig to all in the apache config file.

below are the details of my above file, please let me know where im going wrong,

.htpasswd file contains, this line, root:7rF2c3QN5gWeh

.htacces contains the following,

AuthUserFile /var/.htpasswd
AuthType Basic
AuthName "My Secret Folder"
Require valid-user

apache2.conf contains,
<Directory "/usr/share/apache2/error">
AllowOverride All
# Options IncludesNoExec
# AddOutputFilter Includes html
# AddHandler type-map var
# Order allow,deny
# Allow from all
# LanguagePriority en cs de es fr it nl sv pt-br ro
# ForceLanguagePriority Prefer Fallback
</Directory>

im working on, Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny4

the prob what i think is the path to the htpasswd file. so i tried many different combination, but no success yet.

Thanks.
Amish.

2
Contributors
5
Replies
6
Views
7 Years
Discussion Span
Last Post by sknake
0

Please use code tags when posting code/config files on daniweb:

What are the permissions on the .htpasswd file? ls -al /var/.htpasswd Do you see any error messages in /var/log/apache2/? Also the password hashes for htpasswd are weak, so you should change the password since you posted it up here.

I configure authentication in the apache config instead of directory level htaccess. Is this an option for you? Here is an example:

<Directory /var/www/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
                AuthType Basic
                AuthName "Apex Repository"
                AuthUserFile /etc/apache2/htpasswd
                Require valid-user
        </Directory>

Edited by happygeek: fixed formatting

0

hey sknake, thanks for your reply.

I did as you said, i put the following code into my apache server config file,

<Directory "/var/www/">
      Options Indexes FollowSymLinks MultiViews
      AllowOverride None
      Order allow,deny
      allow from all
      AuthType Basic
      AuthName "Apex Repository"
      AuthUserFile /var/.htpasswd
      Require valid-user
    </Directory>

And the permissions for my htpasswd file is 644

yet no expected result, am still able to login to my server directly from browser, with no asking for password.

Im trying to understand the log file, will let u know in my next reply.

thanks

0

Hey sknake,

Thank you very much, it worked today.

Although I don't understand why it didn't worked on friday, when i make the changes and restarted the Apache server to make sure that configuration changes apply.

Anyways, all good as long as things works. :)

One more thing I was wondering about is, why it didn't worked with the directory level htaccess. Could you shed some light on it?

Thanks,
Amish.

0

Not off hand... I don't know what would cause that. I have never used directory level access before :(

Please mark this thread as solved if you have found a solution to your problem and good luck!

Edited by sknake: n/a

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.