Password protecting a dir with htaccess

N

Nickp

Guest
I've been playing with htaccess for the first time, trying to get a directory password protected but not having much luck. When I read the error logs I get:

[Wed Dec 18 20:13:58 2002] [error] (2)No such file or directory: access to /fdcgi failed for xxx.xxx.xxx.xxx, reason: Authentication failure

Does this mean it can't find the htpasswd file?
the htaccess file I'm using looks like this:

Code:
AuthUserFile /web/.htpasswd
AuthGroupFile /dev/null
AuthName "Hello World"
AuthType Basic

require valid-user

I'm uploading it in ascii mode, read loads of how-to's on it, but it just doesn't seem to work. At the moment the htpasswd is just sitting in the web dir, but thats only temporary till I figure out why its not working. I've tried it in different places but that didn't help either.

Any other info you need to solve the problem just ask, I'm out of ideas.

Its running on Apache (not sure which build) on a Cobalt RaQ 3.

Any help is appreciated, thanks.

[edit.madmatt]gosh darn it, this thread is driving my firewall nuts..[/edit]
 
Place the htaccess file in the directory you want to password protect (this will also protect all sub dir within that dir).

Basic table for htaccess/password protecting

Code:
# admin table
AuthType Basic
AuthName "login"
AuthUserFile /path/to/users.acl
Require valid-user

AuthUserFile is the path to your user file (.acl)

You can also add the following to the above to limit to your IP address (XXX.XXX.XXX.XXX = your IP address)..

Code:
<Limit GET> 
order deny,allow
deny from all
allow from XXX.XXX.XXX.XXX
satisfy all
</Limit>

The "satisfy all" means that the IP address MUST match the given IP address and you still have to input a username/password.

Good luck.
 
Thanks for the reply but still no luck :(

In the logs I still get the same error message. The path to the password file in .htaccess, should it be relative to the root of the virtual site or relative to the root of the actual server?

I've tried both and neither seem to work.

Whats the difference between .htpasswd and user.acl? In other examples I've see .htpasswd rather than user.acl.

Sorry for driving your firewall nuts, in future I'll put code in a code block :)
 
Progress - If I use the line " AuthUserFile /etc/passwd", it will work off the list of server username and passwords, but I still can't get it to accept a password file generated by htpasswd
 
You probably already know this..

It Telnet, if you type 'htpasswd' it will give you the correct syntax. I usually use:

htpasswd -d /users.acl <new_username>

Then it asks me to input the new_username's password, and verify it.

I believe you have to type htpasswd -cd /users.acl <username> the first time (to create the users.acl file).

I have found in the past that the built-in encryption does not work correctly. So you may want to give it a try without encryption.

As for what's the difference between the htpasswd file and users.acl? Probably none, when I learned, I learned using the .ACL filename.

Hope this helps..
 
I've got a copy of apache on my Windows XP box to use as a test bed for sites so I've been using htpasswd on it and then ftping (in ascii mode) the htpasswd file.

I spoke to the tech guys where our server is colocated earlier coz I tried telneting in to do it on the server and it wouldn't let me.

They said I needed to give them my static IP address to let them change permissions on their firewall to let me telnet to it so I've emailed it to them, but it'll be tomorrow before that gerts done now.

I've tried the password as unencrypted, encrypted with crypt and with md5, but that didn't seem to be the prob.

I'll post again with the results of the telneting session tomorrow
 

Members online

No members online now.

Latest profile posts

Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
Any of the SP crew still out there?
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
hello peeps... is been some time since i last came here.
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.

Forum statistics

Threads
62,015
Messages
673,494
Members
5,621
Latest member
naeemsafi
Back