htaccess and userdir problem
Hi People.
I originally started this way back in October last year in http://www.linuxquestions.org/questi...umber.-678759/ I never did get to solve the problem but worked around it with a reasonably acceptable method. Now this has become a problem for another reason. I will recap briefly: On a server running virtual hosts and Apache 2.2 I found out that it is possible to get around the .htaccess file by using the IP number and user name like this "http://123.123.123.123/~username/protected_directory". .htaccess is simply ignored. Using the domain name "www.domain.co.uk/protected_directory" is ok and htaccess performs normally. I discovered that by changing the hppd.conf line "UserDir disable" to "UserDir public_html" prevented accessing the protected directories by IP/~username/protected_directory. I guess this is not really surprising. Of course, this has the byproduct of preventing valid access using the IP too. This has now become a problem and I need to solve it. So, the question remains, "why does .htaccess not work when using "IP/~username/protected_directory" ? Any clues where I can start looking would be most welcome. |
What happens if you visit htp://www.domain.co.uk/~username/protected_directory
Could you post the contents of .htaccess? Try to use Code:
NameVirtualHost *:80 |
Hmmm !
Bathory, many thanks for your reply.
If I visit visit htp://www.domain.co.uk/~username/protected_directory I get a 404 unavailable error. I found "NameVirtualHost" in several places in the hppd.conf file as follows: Code:
# The following directive disables redirects on non-GET requests for Code:
# Also in the VH section as here Code:
<VirtualHost 123.123.123.123:80> Code:
<VirtualHost 123.123.123.123:80> The .htaccess file contains this : Code:
AuthName "domain.co.uk protected" Again, many thanks for your help, I am at a total loss. |
Quote:
What has the "username" above to do with the "domaing" in the DocumentRoot definition "DocumentRoot /home/domaing/public_html? You are using htp://www.domain.co.uk/~domaing/protected_directory to do your tests? Unless it's a typo you need to change the DocumentRoot to "/home/domaing/public_html" to match the <Directory /home/domain/public_html> About the rest: Remove the line "NameVirtualHost 123.123.123.123:80" and change the vhost definition accordingly: Code:
<VirtualHost *:80> |
Thanks again Bathory.
I have to apologise because I made a mistake. If I visit visit htp://www.domain.co.uk/~username/protected_directory the .htaccess file works properly. I don't know how I made that mistake, I don't think I have done anything that could have affected that. Another apology, the "domainG" is a typo. I obviously had a bad day. So here is the result for your suggestion in your post: I deleted "NameVirtualHost 123.123.123.123:80" and changed the vhost line to "<VirtualHost *:80>" This is the result : "http://123.123.123.123/~username/protected_directory" the .htaccess is ignored "http://www.domain/~username/protected_directory" the .htaccess is ignored "http://www.domain/protected_directory" displays the protected directory for the servers default site. Unsurprisingly all other VH on this server stop when this change is in place. Should I point out that the domain name and the username are of course identical. I am tearing my hair out (and I have very little) so thanks for your continued help and patience. |
Are you sure
Code:
AuthUserFile /home/domain/.protected-htpasswd Also, if this is in a user's public dir, maybe only that user needs access eg Code:
require user <that_user> |
Now I'm also confused (I guess www.domain.co.uk is the same as www.domain). Could you please confirm the following:
http://www.domain.co.uk/~username/protected_directory works http://123.123.123.123/~username/protected_directory not working http://www.domain/protected_directory works? http://123.123.123.123/protected_directory not working? Quote:
Now chrism01 gave me an idea. Move .protected-htpasswd somewhere outside of the homedir (e.g. /etc/.protected-htpasswd), change the "AuthUserFile ..." and see if it works. |
Thanks Chris and Bathory for your continued efforts. Working with a thick git like me must be frustrating.
The current state is as follows : I have removed the line "NameVirtualHost 123.123.123.123:80" And I have changed the VH entry like this Code:
<VirtualHost *:80> I have created a directory called "protected_directory" In that directory I have "index.htm", .htaccess and .htpasswd .htaccess contains Code:
AuthUserFile /home/username/public_html/protected_directory/.htpasswd Code:
user:a03cGgnLWcCzY Code:
<Directory /home/username/public_html/protected_directory> The results are : http://www.domain.co.uk/protected_directory 404 error. No sign of entry in /etc/httpd/logs/error_log http://123.123.123.123/~username/protected_directory/ .htaccess ignored http://www.domain.co.uk/~username/protected_directory .htaccess ignored http://123.123.123.123/protected_directory/ 404 error. No sign of entry in /etc/httpd/logs/error_log As there is no directory in the default called "protected_directory" this is expected ? Again, I thank you for your patience. |
If you have left the rest of the VH unchanged, the 404 error should be in /home/domain/logs/error_log
What is the output of Code:
httpd -S |
The result of httpd -S is as follows :
Code:
[Fri Apr 03 12:14:46 2009] [warn] VirtualHost 123.123.123.123:80 overlaps with VirtualHost 123.123.123.123:80, the first has precedence, perhaps you need a NameVirtualHost directive In the above the last three lines "domain.co.uk" is the name of the VH I am using for testing. "www.anotherdomain.com" refers to another VH which justy happens to be on this server. Strangely, there is no error in /home/domain/logs/error_log either ! |
Here is a configuration that works at least for me:
1. In the part of httpd.conf defining UserDir: Code:
UserDir public_html Code:
<VirtualHost *:80> http://www.vhost.com/protected http://xx.xx.xx.xx/~username/protected http://servername/~username/protected Of course you must use only one of "NameVirtualHost 123.123.123.123:80" or "NameVirtualHost *:80" and <VirtualHost 123.123.123.123:80> or <VirtualHost *:80> for apache to stop complaining about vhost overlapping. I suggest you also to close completely your browser (not just the tab) when testing, because sometimes it keeps the password cached and does not ask again for authentication. |
Solved
Fianlly !
It seems to be sorted out. As far as I can tell, it would seem that it is necessary to change ALL instances of "<VirtualHost 123.123.123.123:80>" to <VirtualHost *:80> in the VH section. Changing just one for the purpose of testing does not work. You probably knew that, but I'm thick. That surprised me, but it does seem to be working as expected now. I was at the stage of giving up so many thanks to you for your help. Interestingly, the error logs are now working properly too. I am one happy bunny :) |
All times are GMT -5. The time now is 05:58 AM. |