Why I get 500 internal server error when using .htaccess - .htaccess

I am keep getting a 500 internal server error when accessing the folder.
It does come up with a dialog asking to enter username and password.
But once entered 500 internal server error
AuthType Basic
AuthName "Password Protected Area"
AuthUserFile /customers/7/f/d/reedyfordmobilevaletservice.co.uk//httpd.www/admin/.htpasswd
Require valid-user
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_URI} !^public
RewriteRule ^(.*)$ public/$1 [L]
</IfModule>

You may change your rule to this:
RewriteEngine on
RewriteRule ^(?!public/)(.*)$ public/$1 [L,NC]
(?!public/) is negative lookahead to prevent looping.

Related

Laravel 5.2 - Basic Auth using .htpasswd

I'm having trouble setting up a .htpasswd protected laravel project.
I tried adding the following to my .htaccess but it causes an internal server error (500) after I entered my credentials..
.htaccess content:
AuthUserFile .htpasswd
AuthType Basic
AuthName "Secured area"
Require valid-user
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
RewriteEngine On
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>
And this is the current routes.php. Just in case it's something I should change in the routes.php:
Route::get('/', 'HomeController#index');
Route::auth();
Route::get('/home', 'HomeController#index');
I couldn't find anything useful on Google which still works under laravel 5.2 so I really hope someone out there has an idea :)
As #Olaf mentioned. changing this:
AuthUserFile .htpasswd
..into this:
AuthUserFile /absolute/server/path/.htpasswd
..did the trick. Thank you verry much!

Password Protection with htaccess with Yii Framework

I'm trying to protect my website with a username and password.
This is my .htaccess before adding the Password Protection
RewriteEngine on
# if a directory or a file exists, use it directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# otherwise forward it to index.php
RewriteRule . index.php
I have added the following code at the end of the file
AuthType Basic
AuthName "Password Protected Area"
AuthUserFile .htpasswd
Require valid-user
So my .htaccess is currently
RewriteEngine on
# if a directory or a file exists, use it directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# otherwise forward it to index.php
RewriteRule . index.php
AuthType Basic
AuthName "Password Protected Area"
AuthUserFile .htpasswd
Require valid-user
The password protection is working fine, but the website returns Internal Error 500
Why is the Password Protection cancels the RewriteEngine part? please advise.
I have added the full-path for the ".htpasswd" to solve the issue
AuthUserFile "/home/folder/folder/.htpasswd"

htaccess-redirect based on logged user

I have problem with password/user checking with redirect to user folder.
This is my .htaccess :
AuthType Basic
AuthName "Enter the password to gain access."
AuthUserFile /home/path/to/.htpasswd
require valid-user
RewriteEngine On
RewriteCond %{REMOTE_USER} (.+)
RewriteRule (.*) http://anothersite/clientarea/%1/$1 [L]
Problem:
Serwer always redirect to http://anothersite/clientarea/user/ - even when the user is not entered into '.htpasswd' or when I enter wrong password
Try something like this:
RewriteEngine On
RewriteCond %{REQUEST_URI} !/clientarea/user
RewriteCond %{REMOTE_USER} user(.*)
RewriteRule (.*) /clientarea/user%1/$1 [L]
Where is your .htaccess file? It should be in user directory which you authenticate.

Excluding single directory under protected Wordpress site from htpasswd protection

Despite a good deal of searching here I haven't been able to find the solution to this problem.
I have an .htaccess file that is protecting a Wordpress site that I am developing. I would like to protect the entire site except for the directory /images/, but I can't work out how to do this. At the moment my .htaccess file, in the root of the site, looks like this:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
# basic password protection
<IfModule mod_authn_file.c>
AuthUserFile /home/*****/.htpasswd
AuthName "Username and password required"
AuthType Basic
<Limit GET POST>
Require valid-user
</Limit>
</IfModule>
Could someone help me to amend this to allow open access to the /images/ directory?
Thanks,
Nick
You can create a new .htaccess-file in the /images/-directory:
Order Deny,Allow
Allow from all
Satisfy any
This should remove the password protection for this folder.

URL rewrite and htauth confliction with .htaccess

I have an htaccess file as follows:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule . - [L]
RewriteRule ^$ app/ [L]
RewriteRule (.+) app/$1 [L]
</IfModule>
Now, this is located in my web root, and I wanted to also password protect this and all sub-directories, so I added the following lines:
AuthName "phpMyAdmin Restricted Area."
AuthType Basic
AuthUserFile /usr/local/apache/.htpasswd
Require valid-user
This promted me and I was able to 'log in'. However, now my server is 500'ing on me, and I am not sure why. I can remove the auth lines, and this fixes the problem. Why is this happening, and what can I do?
conflictions with another .htaccess file in the root dir.

Resources