Tim,

Welcome to WebmasterWorld [webmasterworld.com]!

Ugh... Weird server set up, plus the complexities of authorization -- together, they make for a tough job.

In this case, since you've apparently had contact with them, tell your host what file/subdirectory you want to password-protect, and tell them to do it. Not being rude to them, but the operative word here is "tell". You are the customer, and they have apparently opted to set things up strangely. You are the customer and they are the "hosting service provider". Therefore they should make you happy or watch you leave.

The path to the required .htpasswd file is specified as a local filepath from within .htaccess, so hopefully, they can tell you how to specify the correct path -- and how to correctly generate (add) usernames/passwords into that file in that directory.

Write .htaccess for Windows? Are you hosted on Apache running under Win2K or something? In that case, there might be a few differences related to the differing *file* naming conventions of *nix vs. Windows, but it shouldn't affect much beyond that. (This is a guess, since I have no idea what they really might have meant).

Jim

Thanks.

The host is running apache on unix. They said they didn't want people to be able to go into the directory tree, so they stop it at the file location of my webpage.

I'm going to tell them to try and put the password file (.htpasswd) on the server below my page and have them open up the connection so I can read and verify authorization from .htaccess.

Tim D

Tim,

Rather than having it in the http-accessible space, you might want to ask them to put it in "username" or "username/html" -- as far up as it wil go while remaining accessible to you via local server pathname.

JIm

Ugh... Weird server set up, plus the complexities of authorization -- together, they make for a tough job.

IMHO clueless tech support from web host providers makes relatively easy tasks appear to be almost impossible. User authentication is not difficult.

My webhost tells me that the server is unix, but it's setup so I can't get below the directory tree on the server to find the .htpasswd file. the full path is home/"username"/html/"my website". is there anyway to right the AuthUserFile /.../cgi/.htpasswd so it doesn't have to start at the root of the server?

The AuthUserFile works from the / directory to your .htpasswd file
eg /home/username/.htpasswd

I'm going to tell them to try and put the password file (.htpasswd) on the server below my page and have them open up the connection so I can read and verify authorization from .htaccess.

There are several php and perl scripts that can be used for creating users with encrypted passwords and you can set up .htpasswd files within your own directory space with them. Visit www.hotscripts.com and type htpasswd in the search box and you will find several scripts.

[edited by: jdMorgan at 8:31 am (utc) on Jan. 1, 2004]
[edit reason] Edited at Gorufu's request [/edit]