I have these entries in .htaccess:
<FilesMatch "\.(txt)$">
AuthType Basic
AuthName "Authentication required"
AuthUserFile .htpasswd
require adelein
</FilesMatch>
With this in .htpasswd:
adelein:$apr1$cs4ixtev$kqAo2aH1VgZR9mbo.RnH80
What's wrong?
Syntax for requiring a user should be
require user adeleine
Related
I have an error document (symlink actually) in a protected directory. I want to use my custom error page but the 401 error isn't working due to it being a private directory. How can I solve this?
Here's my .htaccess right now
ErrorDocument 401 /error.php
AuthType Basic
AuthName "restricted"
AuthUserFile /home1/user/public_html/.htpasswd
require valid-user
I fixed this by adding this to my .htaccess
SetEnvIf Request_URI "^/error.php$" allow_all
Order allow,deny
Allow from env=allow_all
Satisfy any
I have a secured website. The complete website is secured so, regardless of the page you ask, you have to enter the user/password.
I did this with this code in the htaccess
AuthUserFile /path/.htpass
AuthType Basic
AuthName "Website"
Require valid-user
Now, i want to add another authentification for a specific url. So i tried this :
SetEnvIf Request_URI ^/myurl require_auth=true
AuthUserFile /path/.htpmyrul
AuthName "Myurl"
AuthType Basic
Order Deny,Allow
Deny from all
Satisfy any
Require valid-user
Allow from env=!require_auth
It worked for myurl, but the problem is that this code "cancelled" the first code! So now, my website only ask for authentification when i visit myurl, but if i visit any other url, the website doesn't ask for authentification
Is it possible to have both authentifications work together ?
Thanks
Well you could do this.
In the main root of your htaccess file put this.
SetEnvIf Request_URI "/myurl" require_auth
AuthUserFile /path/to/.htpasswd
AuthName "Webiste"
AuthType Basic
Require valid-user
Order Deny,Allow
Deny from all
Allow from env=require_auth
Satisfy any
Then create a htaccess file inside myurl folder and put this example inside it.
AuthUserFile /path/to/other/.htpasswd
AuthName "myurl"
AuthType Basic
Require valid-user
Order Deny,Allow
Deny from all
Satisfy any
This should allow you to use another htpasswd for your sub folder.
Well, I'm trying to secure my xampp with .htaccess and .htpasswd and I don't see a mistake, so do many other developers that I know...
My .htaccess:
AuthName "Protected Area"
AuthType Basic
AuthUserFile C:/xampp/secret/hidden/place/.htpasswd
require valid-user
php_flag register_globals on
My .htpasswd:
wscript:$apr1$Y107OG1n$Ui6D997SqhERXXyV9VBU51
The error is error 500
Anyone?
You should consult your error logfile usually located at: /var/log/apache2/error.log. Without knowing the exact error there's really only speculation as to what might be the issue.
AuthName "Protected Area"
AuthType Basic
AuthUserFile C:/xampp/apache/var/www/site/.htpasswd
Require valid-user
require valid-user should be capital "R"
AuthUserFile is usually located one directory above the web root.
The permissions on the .htaccess and .htpasswd need to be set so that Apache can read them: chmod 0644 .htaccess chmod 0644 .htpasswd
( further reading )
I can't seem to find the proper way to write my .htaccess file. I initially had the file set up to allow access to a directory of files and that worked fine:
AuthUserFile /var/www/html/technical/mep/.htpasswd
AuthGroupFile /dev/null
AuthName "Password Protected Area"
AuthType Basic
Require valid-user
Now what I need to do is add an additional htpasswd file (something like .htpasswd2) and allow those additional user to only be able to access a single file in that directory. How do I edit my current .htaccess file to make this happen?
You can simply use the <FilesMatch> container:
<FilesMatch protected.html>
AuthUserFile /var/www/html/technical/mep/.htpasswd2
AuthGroupFile /dev/null
AuthName "Password Protected Area 2"
AuthType Basic
Require valid-user
</FilesMatch>
And the file "protected.html" would use the .htpasswd2 file.
I have .htaccess file which is using on multiple domains.
Now I have part of this code which I must run only on my development site.
Is it possible to put if / else statement in .htaccess file?
This is part of code which I must run only on dev. site
AuthType Basic
AuthName "Login required"
AuthUserFile "/var/www/dev.mysite.com/.htpasswd"
ErrorDocument 401 default
<Files "login.php">
require valid-user
</Files>