apache .htaccess and htpasswd - can't lock directory
Hi there,
I am having trouble locking out a directory on my server (requiring username/password access) I ran htpasswd -c .htpasswd username and entered username's password for now I have put .htpassword in the same directory I am trying to protect. here are the access rights: -rw-r--r-- 1 apache apache 79 Feb 5 23:32 .htaccess -r--r--r-- 1 apache apache 23 Feb 5 23:30 .htpasswd -rw-r--r-- 1 jordan thompsons 115 Feb 4 00:15 index.html Here are the contents of .htaccess: AuthName "Test" AuthType Basic AuthUserFile ".htpasswd" require valid-user Here are the contents of .htpasswd: username:RnCYlrJTT7hwU When I web to the directory, I get immediate access (no prompt for username/password.) Any suggestions? thanks for your help, Jordan |
Any suggestions?
|
Well, for starters, is htaccess behaviour turned on in your apache? Uusally it is tho by default..
Heres one of my .htaccess: Code:
AuthUserFile /absolute/www/root/path/.htpasswd - you need to specify a group file - you have to have a Limit section, especially the requiŕe valid user sounds pretty valuable.. (; - And the full path might be required, Im not sure.. But hey, this one of mine works as it should.. Hope this helps in debugging |
You should make sure that your host/virtual host is configured to first deny, then allow.
Here is a sample (edited) .htaccess file I am using on one of my test machines: Code:
Linux:/srv/www/htdocs/ # cat .htaccess |
Now, why the HE-doublehockeysticks does this board apply emoticons to text between [ c0de] tags?!
|
Quote:
|
Quote:
|
Thanks for all of your help, but none of his is working...
Does it matter that the index.html file in the directory is redirectiing to a cgi? <html> <META HTTP-EQUIV="Refresh" CONTENT="0; URL=http://www.mydomain.com/cgi-bin/movies.pl?action="> </html> When I web over to it, it just does the redirect and bataboom I am running the cgi. Any suggestions? |
I think that there is something missing from my apache setup. Where is the setup file for apache and what should I be looking for?
thanks for your help. |
imho the redirect shouldnt be a problem..
the config is usually located at /etc/apache/httpd.conf but it varies by distribution.. just do a 'locate httpd.conf' Here are a few settings there considering .htaccess: Code:
AccessFileName .htaccess Code:
<Files ~ "^\.ht"> Code:
AllowOverride All # or something not as drastic, but this atleast works.. (: |
All times are GMT -5. The time now is 03:04 AM. |