problems with my .htaccess file

CyberCowboy

Senior member
Apr 16, 2001
247
0
0
anyone know how to create .htaccess files to protect their web directories?

I set one up but it keeps on telling me
"Authorization Required
This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required."

It's pissing me off too. I set the name and password correctly with the htpasswd command.

and in my .htaccess file, I specify the path to the correct password file.
But when I try to get into the protected directory and enter the user name and password, it won't recognize my password or user name(I don'tknow which).

Any suggestions?

 

Platypus

Lifer
Apr 26, 2001
31,046
321
136
Hmmm perhaps you messed up along the road. I use .htaccess, but it may be easier for you to just put a blank index.htm or put a cryptic message in an index.htm and stick it in that directory. That way you can link to something in that dir, but they cannot see the parent directory.
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
What OS? It makes a difference. Also, try doing a search on .htaccess because there are several threads about this around the forums. Third, I dont think this is really all that off topicish. :p
 

CyberCowboy

Senior member
Apr 16, 2001
247
0
0
well, i don't really want to protect anything in the directory. I just want to test and it and see how it works. But for some stupid reason it won't work.

could it be my r/w permissions or something?
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
My .htaccess files are being ignored.
This is almost always due to your AllowOverride directive being set incorrectly for the directory in question. If it is set to None then .htaccess files will not even be looked for. If you do have one that is set, then be certain it covers the directory you are trying to use the .htaccess file in. This is normally accomplished by ensuring it is inside the proper Directory container.

-------------------------------

How do I set up Apache to allow access to certain documents only if a site is either a local site or the user supplies a password and username?
Use the Satisfy directive, in particular the Satisfy Any directive, to require that only one of the access restrictions be met. For example, adding the following configuration to a .htaccess or server configuration file would restrict access to people who either are accessing the site from a host under domain.com or who can supply a valid username and password:

Deny from all
Allow from .domain.com
AuthType Basic
AuthUserFile /usr/local/apache/conf/htpasswd.users
AuthName "special directory"
Require valid-user
Satisfy any
See the user authentication question and the mod_access module for details on how the above directives work.

-----------------------------------------------

Since it is often difficult to manage files with names like .htaccess under windows, you may find it useful to change the name of this configuration file using the AccessFilename directive.


These are win32 specific, but since you didnt give us a clue about the OS, I guessed.
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
I got it working on my system. It took me a while because Im having trouble reading documentation right now. I was going to pm you my configuration files, but you dont have pms on. Ill go ahead and post them here then.

.htaccess:
AuthType Basic
AuthName testing
#AuthName "By Invitation Only"
AuthUserFile /home/n0c/public_html/pics/.password/.passwords
#Require user me2
Satisfy All
<Limit GET POST>
require user me2 me3
</Limit>

.passwords:
me2:CYgm4jKj6jt3Y:testing
me3:6jT.rsZgRlYH6:testing

The passwords are 1 and 2 for me2 and me3 respectively, so dont even bother trying to crack them ;)

Adding testing correctly was important.