Welcome to WebmasterWorld Guest from

Forum Moderators: Ocean10000 & incrediBILL & phranque

Message Too Old, No Replies

htaccess login prompt not shown

htaccess login prompt not shown

6:38 am on Oct 28, 2003 (gmt 0)

New User

10+ Year Member

joined:Oct 28, 2003
votes: 0

My company runs a number of websites using apache virtual hosting and I've recently setup another and am having problems password protecting the admin section. Instead of receiving the typical user/pass login prompt I'm immediately getting a 'page not found error'. I'm baffled as this site is setup *identically* to the others which work fine.

My htaccess is as follows.

AuthName "Web Admin"
AuthType Basic
AuthUserFile /home/sites/site27/web/webadmin/users/.htpasswd
require valid-user

the page is delivered ok (without prompt) when I comment out the 'require' line so I doubled checked that I had

AllowOverride All

set in the websites directory in my access.conf file. I'm almost positive the file permissions for .htpasswd are ok too. I've checked the error log and there's no corresponding error message. Its returning 401 (unauthorized) instead of 500 like I would have guessed.

Can anyone please please please help?

1:56 pm on Oct 28, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
votes: 0


Welcome to WebmasterWorld [webmasterworld.com]!

Check the path to the .htpasswd file. This should be the complete path on the server, without reference to any "assumed" prefix.

You may be able to gather a little more troubleshooting information by intentionally putting bad information into two places - the .htpasswd pathname and the Require directive. If changing either one of them to some ridiculous value leaves the failure mode unchanged, that may indicate that the problem is there. Try:

AuthUserFile /home/reallysillysites/site27/web/webadmin/users/.htpasswd

If the bahaviour stays the same, that may indicate that the server cannot find the auth file *after* it has issued (and logged) the 401 response to request the user's username and password from the client browser.

I would look most carefully at that authorization filepath, and make sure it's correct and does not involve symlinks or aliased file pathnames. Re-checking the permissions on the authorization files and their parent directories is worthwhile, too. Compare to a working "account" on the same system.

Ref: Apache documentation [httpd.apache.org]


4:09 am on Oct 29, 2003 (gmt 0)

New User

10+ Year Member

joined:Oct 28, 2003
votes: 0

I just tried changing the AuthUserFile path to something bogus and the same result, a 401 response and no error logged. So it looks like you're right about it throwing the error after logging the request. I then tried creating a new htpasswd file in a 'public' directory and still nothing.

I'm almost at the point where I'm going to write my own authentication script rather than waste anymore time :-/

4:43 am on Oct 29, 2003 (gmt 0)

New User

10+ Year Member

joined:Oct 28, 2003
votes: 0

Woohoo! Problem solved by a completely unrelated error.
In the virtual host section for the site I had the line

AddType application/x-httpd-php .php4 .html

I assumed you could just keep listing space separated file extensions but apparently not. So after removing the '.html' everything worked fine. Why the hell this affected authentication and not the rest of the site I have no idea. Thanks for your help jdMorgan.


Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members