HELP! Users able to login using blank for username/password

Forum Moderators: phranque

Message Too Old, No Replies

HELP! Users able to login using blank for username/password

tp24292

7:45 pm on Feb 28, 2004 (gmt 0)

I have setup membership area using .htaccess.

When they click on members link, they get a pop box asking for username/password. If they enter invalid user, they can't get in. But if they enter in blank for both username & password they can get in.

Funny thing is i have tested this on another domain using same basically same .htaccess code located on same server and works there just fine.

My .htaccess file:
AuthType Basic
AuthName "Members Only"
AuthUserFile /home/hourt/public_html/access/data/.htpasswd
Require valid-user

I have tried following:
1. Is the location of the .htpasswrd correct? Yes otherwise wouldn't be working for valid users.
2. Tried rebooting server from WHM. I suppose that should have rebooted apache.

I have around 1500 users in my .htpasswd file. I'm not sure if that could be causing the problem though i heard there are limits with .htaccess.

Any help will be appreciated

lemat

8:02 pm on Feb 28, 2004 (gmt 0)

look info file .htpasswd
and examine every line
try to remove blank lines...

tp24292

8:31 pm on Feb 28, 2004 (gmt 0)

Ya tried that. no blank lines. any other suggestions?

lemat

9:03 pm on Feb 28, 2004 (gmt 0)

1) Check you config again for:

Satisfy Any

2) try to remove half of the entries
helped? try the other half, persists?
then spil the "bad half of the entries" again, and again...

lemat

9:04 pm on Feb 28, 2004 (gmt 0)

s/spil/split/

tp24292

1:02 am on Feb 29, 2004 (gmt 0)

thanks guys. was blank username for user in the htpasswd file. turned out there was 2 blank users in the pw management script database and when the pw script was rewriting the htpasswd file, it kept adding this blank user to the htpasswd file. all fixed now.