View Full Version : .htaccess / .htpasswd not working
I am trying to write an administration area of my website.
in that directory is my .htaccess
ErrorDocument 401 /common/reject.html
AuthName "AFC Administration"
I read the tutorial here: http://help.powweb.com/tutorials/htaccess/passprotect.php
and also several others
it asks me for the password but will not authenticate. I have tried all different directories and including <limit get> etc... nothing will work. what can I do?
7-28-02, 11:28 PM
-Double check your syntax
-Make sure your .htpasswd is in correct folder
-Make sure your password in .htpasswd is encrypted
-Make sure you upload in ASCII...not binary
7-29-02, 12:56 AM
I think there's two problems with your .htpasswd path.
First, the username is too long. Powweb has a limit of 12 characters for the username. Check your username and make sure it's correct.
Second, your path to the .htpasswd file should have /htdocs in it.
This is assuming that /common is an actual directory you've stored the pages in.
Well, you are right and wrong.
I did have my username wrong and that corrected it.
If you read the faq at help.powweb.com it states:
Upload .htpasswd above the htdocs folder, in ASCII mode.
You should never put a .htpasswd file in yout htdocs folder. That makes it accessible to the world. I have read this in several tutorials.
Thanks for the help. I was getting frustrated last night.
7-29-02, 12:19 PM
You're right about .htpasswd in the /htdocs folder itself. Your path showed another folder called /common that was to contain the password file. But to show the correct path to it you need to add the /htdocs to the path statement.
This is, of course, assuming you want to password protect a folder called /common and it's contents :)
so did you manage to do it or not?
7-29-02, 12:57 PM
You can create a new folder on the same level as htdocs and cgi-bin. Then put your .htpasswd in there.
Somewhat like this:
If you did keep the path the way it is, you would have to add the htdocs folder in there:
it ended up being www/a/anglers/common/.htpasswd
it worked perfectly.
If you put your htpasswd underneath your htdocs folder, then anyone could download your password file with a web browser.
Thanks for the help guys.
OK, I see the confusion. There are *2* /common/ folders. 1 is where my reject.html file is. That is underneath htdocs. The other contains .htpasswd and is at the path specified at the beginning of the message.
vBulletin® v3.8.7, Copyright ©2000-2013, vBulletin Solutions, Inc.