Welcome to WebmasterWorld Guest from

Forum Moderators: Ocean10000 & incrediBILL & phranque

Message Too Old, No Replies

htaccess login prompt not shown

htaccess login prompt not shown



6:38 am on Oct 28, 2003 (gmt 0)

10+ Year Member

My company runs a number of websites using apache virtual hosting and I've recently setup another and am having problems password protecting the admin section. Instead of receiving the typical user/pass login prompt I'm immediately getting a 'page not found error'. I'm baffled as this site is setup *identically* to the others which work fine.

My htaccess is as follows.

AuthName "Web Admin"
AuthType Basic
AuthUserFile /home/sites/site27/web/webadmin/users/.htpasswd
require valid-user

the page is delivered ok (without prompt) when I comment out the 'require' line so I doubled checked that I had

AllowOverride All

set in the websites directory in my access.conf file. I'm almost positive the file permissions for .htpasswd are ok too. I've checked the error log and there's no corresponding error message. Its returning 401 (unauthorized) instead of 500 like I would have guessed.

Can anyone please please please help?


1:56 pm on Oct 28, 2003 (gmt 0)

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member


Welcome to WebmasterWorld [webmasterworld.com]!

Check the path to the .htpasswd file. This should be the complete path on the server, without reference to any "assumed" prefix.

You may be able to gather a little more troubleshooting information by intentionally putting bad information into two places - the .htpasswd pathname and the Require directive. If changing either one of them to some ridiculous value leaves the failure mode unchanged, that may indicate that the problem is there. Try:

AuthUserFile /home/reallysillysites/site27/web/webadmin/users/.htpasswd

If the bahaviour stays the same, that may indicate that the server cannot find the auth file *after* it has issued (and logged) the 401 response to request the user's username and password from the client browser.

I would look most carefully at that authorization filepath, and make sure it's correct and does not involve symlinks or aliased file pathnames. Re-checking the permissions on the authorization files and their parent directories is worthwhile, too. Compare to a working "account" on the same system.

Ref: Apache documentation [httpd.apache.org]



4:09 am on Oct 29, 2003 (gmt 0)

10+ Year Member

I just tried changing the AuthUserFile path to something bogus and the same result, a 401 response and no error logged. So it looks like you're right about it throwing the error after logging the request. I then tried creating a new htpasswd file in a 'public' directory and still nothing.

I'm almost at the point where I'm going to write my own authentication script rather than waste anymore time :-/


4:43 am on Oct 29, 2003 (gmt 0)

10+ Year Member

Woohoo! Problem solved by a completely unrelated error.
In the virtual host section for the site I had the line

AddType application/x-httpd-php .php4 .html

I assumed you could just keep listing space separated file extensions but apparently not. So after removing the '.html' everything worked fine. Why the hell this affected authentication and not the rest of the site I have no idea. Thanks for your help jdMorgan.


Featured Threads

Hot Threads This Week

Hot Threads This Month