I have an .htaccess with the following settings:
AuthName "veuillez vous authentifier"
AuthUserFile "/var/www/html/.pass"
AuthType Basic
Require valid-user
And a .pass:
pass:password
(These values are not the real)
It's working perfectly, but just the first time. And even after I delete all history in my browser when I want to return into one web page, I don't have any username and password required.
Why? How can I resolve it?
Related
I want to modify phpbb3 .htaccess to install an authentification on my phpbb 3.2.5 test server.
I want to put a user and a password when accessing directory forum.3.2.5 during my test to avoid robots and other users.
I have already use those lines in an other directory and it works properly
AuthName "Pages protegees - pas de moteur de recherche - access restreint"
AuthType Basic
AuthUserFile "/chemin/forum.3.2.5/.htpasswd"
Require valid-user
I have put those 4 lines at the begining .htaccess of phpbb.3.2.5 with the good directory instead of /chemin/ see modified file .htaccess.
I haven't got any error on user or password but an internal server error after authentification...
The phpbb server doesn't display index.php after authentification.
Your problem, according to my tests on my devserver, are most likely due to an incorrectly placed .htpasswd file. Do not put it in the same folder as the forum. Try placing it, instead, into the /chemin folder...
IE:
AuthName "Pages protegees - pas de moteur de recherche - access restreint"
AuthType Basic
AuthUserFile "/chemin/.htpasswd"
Require valid-user
I am using the following in my htaccess:
Options +Indexes
IndexOptions +FancyIndexing
AuthUserFile /home/html/.htpasswd
AuthName "Restricted Area"
AuthType Basic
require valid-user
It works great in the root directory...
The problem is when I access a sub-directory, it asks for a password again. For each and every sub-directory it asks for a password. In fact, everytime I refresh it asks for the password again, instead of caching it in.
How do I fix this?
I've figured this one out. It is related to FancyIndexing. If you have FancyIndexing enabled, htaccess will ask to reconfirm the password on every file and folder within the initial folder. Turning this off solved the issue.
I have a problem with my htaccess protection. First lets have a look at the sourcecode. This is the htaccess. Note: I don´t have a htaccess in the parent folder, so there is no protection from a parent element.
AuthType Basic
AuthName "Login"
AuthUserFile /fullPath/protection/.htpasswd
AuthGroupFile /fullPath/protection/.htgroup
require user devju
<Limit GET>
require valid-user
</Limit>
Ok, so this is the htpasswd in the protection directory:
devju:anfxCAFkVCb9E
and this is the htgroup (but it is irrelevant to the example):
superadmin: devju
Ok the problem is that sometimes, and currently permanent, the auth-dialog doesn´t appear and the client will redirected to the ErrorDocument 401. So why is that so? Do I have a wrong configuration or something else? I didn´t changed anything in the settings.
Note: Currently I don´t have enough points to comment, so I can´t answer to questions :(
Try
AuthType Basic
AuthName "Login"
AuthUserFile /fullPath/protection/.htpasswd
require valid-user
Hi I have the following in a .htaccess file:
AuthType Basic
AuthName "restricted area"
AuthUserFile /web/clients/.htpasswd
require valid-user
this works in making the directory private, however I get a 403 error and no password/user pop up appears to even give me the chance? Any ideas as to what I am doing wrong, both htaccess and htpasswd are together in the directory I want to protect.
Thanks
I want to deny all request to the server except some ip's , but those ip's should show the auth dialog. What I have tried is
order deny,allow
deny from all
allow from xxx.xxx.xx.xxx
allow from xxx.xxx.xx.xxx
AuthUserFile /path/to/.htpasswd
AuthType Basic
AuthName "Login Required"
Require valid-user
It works fine , but after user login it showing Internal server error(500). Any idea ?
This usually happens when there's something wrong with the AuthUserFile parameter. You can put any random path in your AuthUserFile and apache will be willing to go along with the 401 require auth part just fine. But when it needs to verify the authorization given to it (in your case, via a BASIC mechanism) it needs to actually check the contents of the file, /path/to/.htpasswd. Make sure that you have the correct path to this file and that it contains actual htpasswd data, generated using the htpasswd command or something equivalent.
This is working fine ;-)
order deny,allow
deny from all
deny from all
allow from xx.xx.xx.xx
AuthUserFile /path/to/.htpasswd
AuthType Basic
AuthName "Login Required"
Require valid-user