.htpasswd, .htaccess & httpd.conf help needed - Apache Web Server forum at WebmasterWorld - WebmasterWorld

Forum Moderators: phranque

Message Too Old, No Replies

.htpasswd, .htaccess & httpd.conf help needed

yoda

7:09 pm on Mar 11, 2005 (gmt 0)

10+ Year Member

I've searched many forums for any topics about .htpasswd, I found several that touched on it, but I did not find a fix to the problem I am having. I hope someone can help me out (keep in mind, I am still a newbie when it comes to this stuff) and yes I have read the help at apache.org(many times over) and I am just stumped.

I set up an .htaccess file in the directory I want to protect, it looks like this:

AuthUserFile members/.htpasswd
AuthGroupFile /dev/null
AuthName "Password Protected Area"
AuthType Basic

<limit GET POST>
require valid-user
</limit>

I set up the .htpasswd in the root directory (above the directory that's Web-accessible), it looks like this:

star:stNQbFIiRHZXY

When I go to a page in the directory that I wanted protected, the box pops up asking for the password, but when I type in the correct password the box just pops up again. When I finally hit cancel, the 401 page comes up: "Authorization Required
This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required."

I can list parts of my httpd.conf file if you need it.
Please help me figure out my problem, Im new to this and must be missing something simple... thanx y'all.

yoda

7:24 pm on Mar 11, 2005 (gmt 0)

10+ Year Member

uhg... since theres no edit buton...
the above post is not correct, it should read:

I set up an .htaccess file in the directory I want to protect, it looks like this:

AuthUserFile .htpasswd
AuthGroupFile /dev/null
AuthName "Password Protected Area"
AuthType Basic

<limit GET POST>
require valid-user
</limit>

I set up the .htpasswd in the root directory (above the directory that's to be protected), it looks like this:

star:stNQbFIiRHZXY

jdMorgan

9:26 pm on Mar 11, 2005 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Most likely problem:

.htpasswd is not a plain-text file. You must use a utility on the server itself to create and edit htpasswd files. The location varies, so take a look at your host's FAQs.

Jim

yoda

10:26 pm on Mar 11, 2005 (gmt 0)

10+ Year Member

I am my host, and I used htpasswd in the bin directory to create my password

jdMorgan

10:40 pm on Mar 11, 2005 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

From [httpd.apache.org...]

Here's the basics of password protecting a directory on your server.
You'll need to create a password file. This file should be placed somewhere not accessible from the web. This is so that folks cannot download the password file. For example, if your documents are served out of /usr/local/apache/htdocs you might want to put the password file(s) in /usr/local/apache/passwd.
To create the file, use the htpasswd utility that came with Apache. This will be located in the bin directory of wherever you installed Apache. To create the file, type:
htpasswd -c /usr/local/apache/passwd/passwords rbowen

Check the path on your .htpasswd file.

Jim

yoda

11:21 pm on Mar 11, 2005 (gmt 0)

10+ Year Member

ok, I did what you said and it output a file "passwords" containing a "username:blahblahblah".

and I copied it into my .htpasswd file and saved it.

but it still keeps prompting for user/pass instead of going through.

could it be something else? or did I mees up again...
please forgive my ignorance... I am trying really I am.
and thank you so much for helping too!

yoda

11:35 pm on Mar 11, 2005 (gmt 0)

10+ Year Member

holly bat cr*p Ive gotit! thanx a million! :)

my path to my htpasswd didnt have the starting "/"

thanx again!