And sorry if this question has already been answered. But I'm trying to add a folder to my Drupal 7 installation that can be accessed only via password. I have created the folder in my FTP (and named it folder), but unfortunately I can't access this folder. I'd like the folder to look like this (like in Wordpress)
But instead I get "Page isn't working".
Br. Five
Assuming you are running Apache, try adding a .htaccess file to that folder with the following content:
Options +Indexes
When you want to password protect the directory with .htaccess you'll also have to add this:
AuthType Basic
AuthName "My Protected Area"
AuthUserFile /path/to/.htpasswd
Require valid-user
Related
I have set up an FTP connection via ShareX to upload my screenshots to my own ftp.
So my screenshots are accessible at the url 'screenshots.mydomain.fr/myscreenshothash.png'.
And that's cool!
But according to the url 'screenshots.mydomain.fr' you can see the list of all my screenshots (the page Index of). And I'd like to block this page via an htpasswd without blocking access to the files ('screenshots.mydomain.fr/myscreenshothash.png')
What can I do?
My current .htaccess
AuthUserFile /home/XXL /.htpasswd
AuthGroupFile /dev/null
AuthName "Accès Restreint"
AuthType Basic
require valid-user
For the moment I have added a
Options -Indexes
in my htaccess to prevent access to the index of page and I made a listing of my files in a index.php files placed in a subfolder (in which I put the htaccess with htpasswd)
When I choose the same directory for .htaccess and .htpasswd, everything working fine.
But the situation below makes me sad.
I have one .htacces file in the root folder (johan) containing the code below.
AuthName "johan User"
AuthType Basic
AuthUserFile C:/wamp/www/johan/protectthisdir/.htpasswd
Require valid-user
.htpasswd is located at protectthisdir.
When I try to access the johan suddenly getting authentication required message box. But I need it only at protectthisdir. How to do this? Please help.
You should put the .htaccess file in the folder you want to protect, and not the root folder in your case.
The .htpasswd file should not be accessible from a browser so putting it above the DocumentRoot folder is a good idea. So in C:\wamp in your case.
PS:
It would be better to create a Virtual Host for your site to run in, in a completely different folder structure from the default wamp folders See this post for help on that
I have a folder in my htdocs folder ChemLabDB and inside the directory I have my HTML files that the user can browser from their browsers. When the user put the path to the directory, the browser displays all the files. I put the .htaccess and .htpasswd file in the directory. Now everytime I visit the website, I get a enter password prompt.
My Directory:
My .htaccess file:
AuthType Basic
AuthName "Not Available to Users"
AuthUserfile "../htdocs/ChemLabDB/.htpasswd"
Require valid-user
What do I modify so the user can browse without having to enter authentication credentials. The only time a user is REQUIRED (for security) to enter is when they try to browse the directory?
You don't need to take refuge of Basic Authentication. Just put this line in your root .htaccess file:
Options -Indexes
And don't forget to comment out Basic Authentication code.
In my CakePHP app, I have a directory of files which I want to allow direct access to with a username/password. For reasons that are overly complicated, placing the directory inside the /webroot folder is not an option. My folder is located here:
/app/parent_folder/folder_full_of_files
So I want to be able to access files directly like this:
http://mysite.com/app/parent_folder/folder_full_of_files/some_file.pdf
I think I need to modify the .htaccess file in the root, and also add another .htaccess file and .htpasswd file in the folder_full_of_files
I have already found this post which asks a similar question... but I can't translate it to my application.
How do I need to modify the root .htaccess file?
What should be in the new .htaccess file. Here's what I've tried, but just results in 500 error...
AuthType Basic
AuthName "restricted area"
AuthUserFile /bla/bla/mysite/app/parent_folder/folder_full_of_files/.htpasswd
require valid-user
What is the correct way to encrypt the password in the .htaccess file?
I got this to work. I had to do a couple things...
I added this to the .htaccess file in root:
RewriteCond %{REQUEST_URI} !^/app/parent_folder/folder_full_of_files
As #Jon pointed out, my original version above had a mistake ([L]).
I also have an .htaccess file in my /app directory. This might be a quirk about my installation because it is not 100% standard. I can't remember if it's there by default, so I'm mentioning it just in case. IF you don't have one in /app skip this step.
I added this to an .htaccess file in the /folder_full_of_files:
AuthType Basic
AuthName "restricted area"
AuthUserFile /bla/bla/mysite/.htpasswd
require valid-user
Make sure the path after AuthUserFile is a fully-qualified path to the .htpasswd file (see next step).
Create the actual .htpasswd file. It's not supposed to be under the document root, but mine is. I think the most important thing is that it's not inside /webroot. I used this command from the terminal and it created the file:
htpasswd -c /path/where/it/should/go/.htpasswd whatever_username
It asks for a plain text password which gets encrypted and written into the file.
That's it. One annoying "gotcha" is that the path in the .htaccess to the auth file must be absolute, which means it will probably have to be edited when moving between local testing and production (unless the two environments are exactly the same). It would be less clunky if relative paths were allowed.
You don't need to modify the htaccess file in your document root at all
Make sure you have AllowOverride AuthConfig or AllowOverride All configured for your /app/parent_folder/folder_full_of_files/ directory. Make sure that the directory also has a properly generated htpasswd file (named .htpasswd). You need to use the htpasswd program to generate it, or any number of online generators.
I have a main site and a subdomain test site.
On the main site I have a folder previously used for testing...
/httpdocs/test/
Within that I have a htaccess file
AuthUserFile /var/www/vhosts/myurl.com/private/.htpasswd
AuthType Basic
AuthName "Login"
Require valid-user
And an associated .htpasswd in the location specified. This works perfectly.
However, using exactly the same .htaccess for my new subdomain does not work
i.e. putting the .htaccess file at
/subdomains/tests/httpdocs/
or any subdirectory.
Any suggestions why this might be? I get the login screen but it won't accept any correct username/password.
Thanks,
Nick