|Determining Unix Path? or Something Missing?|
.htaccess woes, part 2
| 1:15 am on Jun 20, 2003 (gmt 0)|
Now that I can view the .htaccess and .htpasswd files and have the .htaccess where it should go, I'm unable to enter via the password prompt. So I'm wondering if 1) there might be something on the server that should be enabled, 2) is my path wrong? or 3) something in my code
For the server path, I followed the path I found after running MasterPreInstallationTester.cgi., i.e., DOCUMENT ROOT /home/sites/site4/web. I put the .passwd file in the same directory as the .htacess, a directory called "private" (I know that it should go above the root, but before I tried that I wanted to try it in that folder for testing purposes). So the path I have is
Would that be correct?
My .htaccess file is this:
AuthName "Enter Password"
require user guest
and my .htpasswd file is simply:
Can anyone see what I'm doing wrong? When I try to access a file in the private directory, I get the password prompt, but then an error message that I don't have permission or the browser doesn't understand the request.
My boss is expecting me to have a password-protected directory tomorrow, and I've searched Google but haven't found anything that's helped.
| 1:54 am on Jun 20, 2003 (gmt 0)|
You may need to set AllowOveride AuthConfig in the <directory> section for your "site4" account. This is needed to allow .htaccess to use directives such as AuthName, AuthType, AuthUserfile, Require, etc. As such, this applies only to your testing with .htaccess.
Just in case you don't have it, here's a link to the documentation: [httpd.apache.org...]
| 2:33 am on Jun 20, 2003 (gmt 0)|
Thank you, Jim. I'll pass that information along to the person who has access to the server and hope he can set that up or find someone who can. Until that's checked out, at least I won't need to spend any more of my time tonight trying to figure out what's wrong with my code or path.
| 12:27 am on Jun 21, 2003 (gmt 0)|
Well, it seems now that *I'm* the person who has access to the server.
Our server is a RAQ3 (located at a remote location from work). According to the MasterPreInstallationTester.cgi results, the server software is Apache/1.3.6(Unix) PHP/4.3.1 mod_perl/1.21 mod_ssl/2.2.8 OpenSSL/0.9.2b
I was given the password today to access site administration for the Cobalt server, but I didn't see how I can access the Apache software from there, where I need to make the changes to the <directory> section. Also I'm guessing from the link I went to (http://httpd.apache.org/docs/howto/auth.html ) that it might involve telnet, but I'm not sure. I've never done that and the Cobalt server manual I downloaded at work indicates that someone attempting that should be an advanced user.
Now that I have to learn what to do to make these changes, I have to make sense of how the cobalt server and apache software interact and how I can manage them. As you can tell, I'm clueless. I'll download the manuals or whatever information I can find. But I'm very much in the dark since I don't understand how they work together and how to access the Apache software if that's what I need to do. Can someone point me in the right direction? I need to learn a lot in a very short amount of time.
Thanks in advance for any direction or advice...
| 1:31 am on Jun 21, 2003 (gmt 0)|
I believe you'll need to telnet in and find the file "httpd.conf" which is where you'll find the <directory> container you're looking for. Then you'll either need to download it, edit it, and re-upload it, or edit it in place. To edit it in place, you'll either need to find a native editor you like and learn it, or use vi (the native editor), and learn it. Once you are "in" the server, you'll have access to all the Unix "man" (manual) help pages.
I sincerely hope some others will jump in here, since I have only done this once a long, long time ago, and my memory ain't what it used to be...
<added>When you finish this "little project" successfully, ask for a raise, since you're now doing system administrator work. :) </added>
| 1:41 am on Jun 21, 2003 (gmt 0)|
Based on what you describe is happening I think you've got it set up fine. The only problem is that the directory you are placing the .htpasswd and .htaccess files in are not in the public web path or permissions won't allow reading. So what I recommend is you leave .htpasswd where you have it now, but put the .htaccess file in a directory you know you can access currently via browser and see if it prompts for a password and then lets you in.
| 2:19 am on Jun 21, 2003 (gmt 0)|
I'll try to figure out how to telnet... that's totally foreign to me too. Raise? Layoffs are on the horizon. If I can get this all figured out, I'll at least have a job for a little while longer :)
| 2:44 am on Jun 21, 2003 (gmt 0)|
My intent was to put the .htaccess and .htpasswd files in the public web path. Since I'm not used to server file paths, that's why I based my path on the MasterPreInstallationTester results showing the path for the cgi-bin, but I substituted the "members" directory (originally "private")for the "cgi-bin." And I put both files in the members directory to ensure the path would be correct. The .htaccess file is in the "members" directory, which is available via the browser. I do get the password prompt, but it won't let me in. I get this message:
<<<<This server could not verify that you are authorized to access the document you requested. Either you supplied the wrong credentials (e.g. bad password), or your browser does not understand how to supply the credentials required.>>
I set the permissions to what I believe is 755; the members directory is read,write,execute for owner, and the world and group is read,execute. The two files also have the same permissions.
It just seems really difficult for me to connect all the dots with this project... wish the Cobalt control panel could manage everything.
| 4:52 am on Jun 21, 2003 (gmt 0)|
Ok, so it looks like the .htaccess kicks in and prompts for password, which means that httpd.conf must be set up with the required AllowOverride. So either your path is wrong and it can't find .htpasswd or it doesn't like something in your .htaccess.
To make absolutely sure of the paths you would have to log in and check out httpd.conf as jdmorgan suggested. In the interim, try your .htaccess this way:
AuthName Enter Password
| 3:05 pm on Jun 21, 2003 (gmt 0)|
I am having similar problems with rewriting my htaccess file. Whenever I input a rewrite the site is restricted. Anybody on this thread have any ideas why? :-(
| 10:50 pm on Jun 21, 2003 (gmt 0)|
Well, I must have worn my mouse out with this .htaccess issue 'cause I had to run out and buy another today.
I was burning the midnight oil with Google and found a post with a similar problem here:
Someone responded that what he had done successfully was this:
<Limit GET POST>
I tried that, substituting my site's info and it worked for me too. My boss will be a happy man on Monday!
Hope this helps someone else, and I appreciate everyone responding here to help.
| 11:21 pm on Jun 21, 2003 (gmt 0)|
Glad to hear you solved your problem, and thanks for posting the solution!