Welcome to WebmasterWorld Guest from 3.93.75.242

Forum Moderators: Ocean10000 & phranque

Message Too Old, No Replies

password protect folder by htaccess

     
3:28 am on Aug 26, 2003 (gmt 0)

New User

10+ Year Member

joined:June 13, 2003
posts:9
votes: 0


Hello,

I am trying to password protect one of my folder called Admin by .htaccess with the following script:

AuthUserFile /mnt/htdocs/users/abc/123/.htpasswd
AuthGroupFile /dev/null
AuthName "Admin Control Panel"
AuthType Basic

<Limit GET PUT POST>
require user alexandra
</Limit>

and a htpasswd file:
alexandra:encryptedpassword

but it seems not work properly, the popup window requires password all the time, anyone can help me?

thanks in advance!

alexandra

5:48 am on Aug 26, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Sept 22, 2002
posts:1751
votes: 0


Hi Alexandra,

Anyway, the files should be uploaded to the server as ASCII, not binary. You wouldn't be the first to make that error. Also, did you try a site search? There's lots of information around here.

[edited by: jatar_k at 3:56 pm (utc) on Aug. 26, 2003]

2:41 am on Aug 31, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:May 30, 2003
posts:932
votes: 0


I have the same issue. Can anyone help? Here are the specifics: when I open my site in my FTP program I first see this folder:

www.mydomain.com

When I click on it I then see these folders:

cgi-bin
logs
public_html

When I click public_html I see a folder and a file:

catalog
index.htm

When I click catalog I see this folder:

admin

I want to password protect the admin folder with an .htaccess file. Here is the content of the .htaccess file that I've uploaded into the admin folder:

AuthType Basic
AuthName "Restricted Directory"
AuthUserFile /home/3000/pcmt/www.mydomain.com/public_html/catalog/admin/htpasswd

require user patrick

I also have an .htpasswd file with content like this:

patrick:u567dbHJKilop

I believe the password is encrypted correctly in relation to my actual password.

Apparently I have shell access and also both files were uploaded as ASCII. Now when I navigate to the folder www.mydomain.com/catalog/admin I'm asked for a username and password but when I enter the password I can't access the admin folder, and I suspect this is because I haven't understood where to place the .htpasswd file in relation to the path in my .htaccess file. Any advice on how to resolve this would be appreciated. Where should I place the .htpasswd file and what should the correct path be in my .htaccess file?

Regards,

Patrick Taylor

4:21 am on Aug 31, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:May 30, 2003
posts:932
votes: 0


Update:

I now have it working, with this .htaccess file:

AuthName "We require your authorisation."
AuthType Basic
AuthUserFile /home/3000/pcmt/www.mydomain.com/public_html/catalog/admin/.htpasswd
require valid-user

... but I've had to put the .htpasswd file in the same admin folder as the .htaccess file to make it work, which I believe is not very secure. Where would I place the .htpasswd file above the public area, and would I need to change the path in the .htaccess file?

Regards,

Patrick