LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 10-23-2009, 07:29 PM   #1
Arty Ziff
Member
 
Registered: May 2008
Location: Tacoma, WA
Distribution: CentOS and RHEL
Posts: 102

Rep: Reputation: 15
Problem with HTACCESS


I have a directory that contains this .htaccess file:
Quote:
AuthName "this directory"
AuthType Basic
AuthUserFile /home/MyDomain/.htpasswd
require valid-user
In /home/MyDomain I have an .htaccess file that I have added a name/password to with:

htpasswd .htpasswd SomeUser

In my httpd.conf file I have this:
Quote:
<Directory "/home/MyDomain/public_html/admin">
AllowOverride AuthConfig
</Directory>
Yet I'm getting:
Quote:
Forbidden
You don't have permission to access /admin/ on this server.
Any ideas what I should be looking for?

Last edited by Arty Ziff; 10-23-2009 at 07:34 PM.
 
Old 10-23-2009, 10:13 PM   #2
irishbitte
Senior Member
 
Registered: Oct 2007
Location: Brighton, UK
Distribution: Ubuntu Hardy, Ubuntu Jaunty, Eeebuntu, Debian, SME-Server
Posts: 1,213
Blog Entries: 1

Rep: Reputation: 82
does the directory admin belong to the user you are trying to auth as, or does it belong to the http user?
 
Old 10-23-2009, 10:22 PM   #3
Arty Ziff
Member
 
Registered: May 2008
Location: Tacoma, WA
Distribution: CentOS and RHEL
Posts: 102

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by irishbitte View Post
does the directory admin belong to the user you are trying to auth as, or does it belong to the http user?
Why would that be an issue? I should be able to add any user/pwd combination. The .htpasswd user list is unrelated to user accounts on the particular server.

However...

I created user "MyDomain" in /home/MyDomain, I created /public_html/admin as user MyDomain. So the owner of admin is user MyDomain.

But as I said, I don't really think it matters to Apache with respect to basic authentication and .htaccess / .htpasswd.

Last edited by Arty Ziff; 10-23-2009 at 10:31 PM.
 
Old 10-24-2009, 03:22 AM   #4
lutusp
Member
 
Registered: Sep 2009
Distribution: Fedora
Posts: 835

Rep: Reputation: 102Reputation: 102
Quote:
Originally Posted by Arty Ziff View Post
Why would that be an issue? I should be able to add any user/pwd combination. The .htpasswd user list is unrelated to user accounts on the particular server.

However...

I created user "MyDomain" in /home/MyDomain, I created /public_html/admin as user MyDomain. So the owner of admin is user MyDomain.

But as I said, I don't really think it matters to Apache with respect to basic authentication and .htaccess / .htpasswd.
1. You have a problem getting Apache to access a specific directory. You post an inquiry.

2. Someone asks you whether you have assured that Apache has rights to that directory.

3. Your response is "Why would that be an issue?"

No wonder you're having problems. Tell me how you think Apache can access any directory it cares to, based only on its configuration, without regard to system-wide access permissions.

Above all else, the target directory must be accessible to Apache's default user and group. Trust me on this.
 
Old 10-24-2009, 03:28 AM   #5
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 16,829

Rep: Reputation: 2409Reputation: 2409Reputation: 2409Reputation: 2409Reputation: 2409Reputation: 2409Reputation: 2409Reputation: 2409Reputation: 2409Reputation: 2409Reputation: 2409
also seeing as you DO have access to the httpd.conf file you do not need to use a .htaccess -- edit the httpd.conf file!!!
 
Old 10-24-2009, 06:13 PM   #6
irishbitte
Senior Member
 
Registered: Oct 2007
Location: Brighton, UK
Distribution: Ubuntu Hardy, Ubuntu Jaunty, Eeebuntu, Debian, SME-Server
Posts: 1,213
Blog Entries: 1

Rep: Reputation: 82
You can add any user/passwd combo, for people accessing this content from the net, but Apache needs to be able to see this directory and navigate in it. For example, I use scripts to backup my website to a tmp folder outside the webroot. The tmp folder has to be writable by www-data in order that apache can use it. Same goes for you. Here is a way you can do it:

Code:
chown -R MyDomain:www-data /home/MyDomain/public_html/admin
chmod -R 770 /home/MyDomain/public_html/admin
assuming 'www-data' is your http user. Do this:
Code:
getent passwd | grep www
and there should be only the http user listed.

This should sort you out! BTW, this:
Quote:
also seeing as you DO have access to the httpd.conf file you do not need to use a .htaccess -- edit the httpd.conf file!!!
is correct.
 
Old 10-24-2009, 09:52 PM   #7
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,241

Rep: Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325
Also, NEVER put the htpasswd file in a documents dir. Anyone on the web can grab a copy and try to break it. Store it with the httpd.conf
BTW, no need to make it 'hidden' ie leading '.' is redundant.
 
Old 10-25-2009, 05:19 AM   #8
Arty Ziff
Member
 
Registered: May 2008
Location: Tacoma, WA
Distribution: CentOS and RHEL
Posts: 102

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by lutusp View Post
1. You have a problem getting Apache to access a specific directory. You post an inquiry.

2. Someone asks you whether you have assured that Apache has rights to that directory.

3. Your response is "Why would that be an issue?"

No wonder you're having problems. Tell me how you think Apache can access any directory it cares to, based only on its configuration, without regard to system-wide access permissions.

Above all else, the target directory must be accessible to Apache's default user and group. Trust me on this.
It is *unnecessary* to become nasty and rude. "Why would that be an issue?" is a perfectly valid question, which you go on to answer. Could you have answered without being so rude?

Thanks John VV, irishbitte, and chrism01 for providing helpful responses! Much appreciated, you have helped me solve the issue.

Last edited by Arty Ziff; 10-25-2009 at 05:23 AM.
 
Old 10-25-2009, 08:01 AM   #9
irishbitte
Senior Member
 
Registered: Oct 2007
Location: Brighton, UK
Distribution: Ubuntu Hardy, Ubuntu Jaunty, Eeebuntu, Debian, SME-Server
Posts: 1,213
Blog Entries: 1

Rep: Reputation: 82
Just to check, is it working now? And what method(s) did you employ to achieve success? This would help future searches.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
.htaccess problem soroccoheaven Linux - Server 2 09-23-2007 04:28 PM
htaccess problem furqan_sindhu General 0 11-23-2006 07:28 AM
.htaccess problem? Maje Programming 1 06-16-2006 03:38 AM
.htaccess problem Ramon_E Linux - Security 3 10-20-2003 08:32 PM
.htaccess problem mwmethe Linux - Security 1 08-31-2002 01:32 PM


All times are GMT -5. The time now is 07:15 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration