LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 10-08-2010, 03:25 AM   #16
singh_chitranjan
Member
 
Registered: Jun 2008
Posts: 33

Original Poster
Rep: Reputation: 0

Quote:
Originally Posted by bathory View Post
@OP

To test if apache reads .htaccess files, put some garbage in it and see if you get a 500 "Internal Server Error"
Hi,

Thanks a lot, it is done. apache was not accessing .htaccess file bcz i put the full path of .htaccess i.e. /var/www/html/.htaccess in httpd.conf.
now i just made it .htaccess in httpd.conf. now it is OK.

thanks a lot again.
 
Old 10-08-2010, 04:07 AM   #17
Sayan Acharjee
Member
 
Registered: Feb 2010
Location: Chennai, India
Distribution: Manjaro
Posts: 623

Rep: Reputation: 64
Quote:
Originally Posted by singh_chitranjan View Post
Hi,

Thanks a lot, it is done. apache was not accessing .htaccess file bcz i put the full path of .htaccess i.e. /var/www/html/.htaccess in httpd.conf.
now i just made it .htaccess in httpd.conf. now it is OK.

thanks a lot again.
Nice to know that it is resolved.
You can mark the thread as Solved now.
 
Old 10-08-2010, 04:18 AM   #18
nayoolwin
LQ Newbie
 
Registered: Jun 2010
Location: Myanmar, Yangon
Posts: 4

Rep: Reputation: 0
Smile hello

Quote:
Originally Posted by singh_chitranjan View Post
Dear Experts,

i have CentOS 5 configured with apache web server. but it is not asking for password authentication while accessing the web page. the config detail is as below:-

Web Page location - /var/www/html
.htaccess file location - /var/www/html
Contents of .htaccess file :-

AuthName "Password Protected"
AuthType Basic
AuthUserFile /etc/httpd/conf/.htpassword
require user chitranjan


Entry in /etc/httpd/conf/httpd.conf file:-

<Directory "/var/www/html">
AllowOverride AuthConfig
Order allow,deny
Allow from all

</Directory>




please help me to solve this problem.


Thanks in advance
Chitranjan



hello

"/var/www/html"

change this form

"/var/www/html/"
 
0 members found this post helpful.
Old 10-08-2010, 04:40 AM   #19
leejohnli
Member
 
Registered: Sep 2010
Posts: 66

Rep: Reputation: 2
Great!
 
Old 10-08-2010, 08:43 AM   #20
doublejoon
Member
 
Registered: Oct 2003
Location: King George, VA
Distribution: RHEL/CentOS/Scientific/Fedora, LinuxMint
Posts: 370

Rep: Reputation: 44
Is this RH/CentOS or Fedora Server?
If so is selinux turned on?
 
Old 06-09-2018, 10:10 PM   #21
gnurob
LQ Newbie
 
Registered: Dec 2006
Location: St. John's, Newfoundland and Labrador, Canada
Distribution: Debian, Raspbian, OpenELEC, Knoppix
Posts: 13

Rep: Reputation: 0
I was able to reproduce this and the following fix works.

Change .htpasswd to htpasswd.
 
Old 06-10-2018, 12:12 AM   #22
scasey
LQ Veteran
 
Registered: Feb 2013
Location: Tucson, AZ, USA
Distribution: CentOS 7.8.2003
Posts: 5,148

Rep: Reputation: 1876Reputation: 1876Reputation: 1876Reputation: 1876Reputation: 1876Reputation: 1876Reputation: 1876Reputation: 1876Reputation: 1876Reputation: 1876Reputation: 1876
Posting a conflicting, and I feel incorrect, solution to an 8 year old thread is likely to be confusing to some, nay most.
In the original thread, had I read it back then, I'd have pointed out that putting the password auth file in the web space was not a good idea.
Unhiding it is even a worse idea.

Please start a new thread to discuss the problem you're having and we'll try to help you with it.
 
1 members found this post helpful.
Old 06-11-2018, 08:19 AM   #23
gnurob
LQ Newbie
 
Registered: Dec 2006
Location: St. John's, Newfoundland and Labrador, Canada
Distribution: Debian, Raspbian, OpenELEC, Knoppix
Posts: 13

Rep: Reputation: 0
scasey,

Lets dismiss your worries about correctness before moving on to the more important issue. A leading dot indicates a hidden file; this is an administrative feature, not a security feature, and is not necessary in system directories where suitable file permissions are used. Consider /etc/profile and ~/.bash_profile. If you are still not happy with this answer, then why not read Authentication and Authorization, in the official Apache documentation, which does not use a dot file.

As for resurrecting old threads: they are indexed by search engines and many users find themselves reading these threads looking to solve their own problems. There is an issue with reading .files and the solution was not posted here. I have added it and therefore the solution exists for anyone finding themselves here: as I did, yesterday.

I am not sure why you felt it necessary to post your comments, or are unable to realize the benefit of posting solutions--especially for software as widely adopted as Apache--but I will say it was shortsighted.

If you still believe this inconvenienced you in some terrible way, I suggest you discuss it with the administrators of linuxquestions.org. Perhaps they will have a different opinion as to the benefits of acquiring search engine traffic and purge old posts, or freeze them. Then again, maybe they believe view solutions are solutions, and new visitors keep the community alive, nay, know they do.
 
Old 06-11-2018, 08:47 AM   #24
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 23,120

Rep: Reputation: 6451Reputation: 6451Reputation: 6451Reputation: 6451Reputation: 6451Reputation: 6451Reputation: 6451Reputation: 6451Reputation: 6451Reputation: 6451Reputation: 6451
Quote:
Originally Posted by gnurob View Post
scasey,
Lets dismiss your worries about correctness before moving on to the more important issue. A leading dot indicates a hidden file; this is an administrative feature, not a security feature, and is not necessary in system directories where suitable file permissions are used. Consider /etc/profile and ~/.bash_profile. If you are still not happy with this answer, then why not read Authentication and Authorization, in the official Apache documentation, which does not use a dot file.
...except the link you posted to the official documentation DOES have .htaccess. Nowhere in it does it say anything about removing the dot, as far as I could see.
Quote:
As for resurrecting old threads: they are indexed by search engines and many users find themselves reading these threads looking to solve their own problems. There is an issue with reading .files and the solution was not posted here. I have added it and therefore the solution exists for anyone finding themselves here: as I did, yesterday.
And after eight years, the answers have probably changed; do you use the same versions of software/OS/apache as you did eight years ago??
Quote:
I am not sure why you felt it necessary to post your comments, or are unable to realize the benefit of posting solutions--especially for software as widely adopted as Apache--but I will say it was shortsighted.

If you still believe this inconvenienced you in some terrible way, I suggest you discuss it with the administrators of linuxquestions.org. Perhaps they will have a different opinion as to the benefits of acquiring search engine traffic and purge old posts, or freeze them. Then again, maybe they believe view solutions are solutions, and new visitors keep the community alive, nay, know they do.
Necroposting has long been frowned upon in this forum; eight years is a LONG time to go between postings. The solutions have probably changed in that time, as did versions of software so scasey has a perfectly good point in saying "Open something new", because (as you say), this forum is indexed by search engines. Someone looking for a solution NOW isn't going to want to read something from eight years ago, but WILL want something current.

If you feel that you have been inconvenienced by having someone say something about necroposting, perhaps you should also contact the site administrators and ask them their feelings.
 
1 members found this post helpful.
Old 06-11-2018, 10:22 AM   #25
scasey
LQ Veteran
 
Registered: Feb 2013
Location: Tucson, AZ, USA
Distribution: CentOS 7.8.2003
Posts: 5,148

Rep: Reputation: 1876Reputation: 1876Reputation: 1876Reputation: 1876Reputation: 1876Reputation: 1876Reputation: 1876Reputation: 1876Reputation: 1876Reputation: 1876Reputation: 1876
Quote:
Originally Posted by gnurob View Post
scasey,

Lets dismiss your worries about correctness ...
Let's not. Correctness is why I posted...

The OP has the AuthUserFile file hidden, but in the web space. I wanted to be sure that followers-on understood that having the AuthUserFile file in the web space was a bad idea.

I'll presume that the documentation you linked to does not use a dot file in their examples, as you say, but I have 21 AuthUserFiles in an not-in-the-web-space directory and they are all dot files.

In fact, the original thread has nothing about ".htpasswd" except as a discussion of that string as a file suffix. htpasswd is a utility for generating an encrypted password for use in an AuthUserFile. See
Code:
 man htpasswd
So, removing the dot is NOT a solution to the OP. Nor is it a solution at all, as far as I can tell. That is my main objection to your post: The "issues about correctness" which you dismissed. The fact that a future searcher may find this thread as you did is precisely why I commented, tho I'm sure they'll appreciate the link you provided to the apache documentation.

I'll add a link to all apache directives. I find it to be extremely useful.

Last edited by scasey; 06-11-2018 at 10:49 AM.
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Apache authentication (.htaccess) password reset page hattori.hanzo Linux - Newbie 0 11-05-2008 12:01 AM
Client Authentication in Apache HTTP Server gjagadish Linux - Software 1 09-11-2006 02:56 AM
Apache password authentication problem dave`2005 Linux - Software 1 05-31-2006 04:27 PM
Using the MySQL Database for Authentication on Apache Server ruiseixas Linux - Security 1 03-12-2004 10:32 PM
Password Authentication Server Tunarle Linux - Networking 1 07-27-2003 03:55 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 03:23 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration