URL rewrite and htauth confliction with .htaccess - .htaccess

I have an htaccess file as follows:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule . - [L]
RewriteRule ^$ app/ [L]
RewriteRule (.+) app/$1 [L]
</IfModule>
Now, this is located in my web root, and I wanted to also password protect this and all sub-directories, so I added the following lines:
AuthName "phpMyAdmin Restricted Area."
AuthType Basic
AuthUserFile /usr/local/apache/.htpasswd
Require valid-user
This promted me and I was able to 'log in'. However, now my server is 500'ing on me, and I am not sure why. I can remove the auth lines, and this fixes the problem. Why is this happening, and what can I do?

conflictions with another .htaccess file in the root dir.

Related

Laravel 5.2 - Basic Auth using .htpasswd

I'm having trouble setting up a .htpasswd protected laravel project.
I tried adding the following to my .htaccess but it causes an internal server error (500) after I entered my credentials..
.htaccess content:
AuthUserFile .htpasswd
AuthType Basic
AuthName "Secured area"
Require valid-user
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
RewriteEngine On
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>
And this is the current routes.php. Just in case it's something I should change in the routes.php:
Route::get('/', 'HomeController#index');
Route::auth();
Route::get('/home', 'HomeController#index');
I couldn't find anything useful on Google which still works under laravel 5.2 so I really hope someone out there has an idea :)
As #Olaf mentioned. changing this:
AuthUserFile .htpasswd
..into this:
AuthUserFile /absolute/server/path/.htpasswd
..did the trick. Thank you verry much!

.htaccess insert a string inside the URL

I have no experience whatsoever with .htaccess and I've been reading for awhile now but to no success. My site is using wordpress and I need to edit the .htaccess file to insert a string inside my url just like this.
mysite.com/?a=c&b=2 to this mysite.com/mobile?a=c&b=2
So if I enter the first URL it'll proceed to the next one. Also, since my site is using wordpress, I have no idea where to insert the codes.
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
<FilesMatch "wp-login.php">
AuthName "WordPress Admin"
AuthType Basic
AuthUserFile /usr/www/users/ineedjkfup/./wp-admin/.htpasswd
require valid-user
</FilesMatch>
help me Gurus. Please. :D :D

.htaccess file completely ignored

I'm trying to setup HTTP authentication to protect my site. The site is hosted with Azure.
AuthType Basic
AuthName "Protected Area"
AuthUserFile D:\\home\\site\\wwwroot/.htpasswd
Require valid-user
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
This is being completely ignored. To test further I deleted my .htaccess altogether and my site still works fine. It is being completely ignored.
Please see the following link: Mod_rewrite in Azure
.htaccess is not read by Azure websites. You must create your rules in your web.config file
If you want to use an .htaccess file you would need to stand up a Linux VM with apache and go that route.
Hope this helps!

multiple htaccess file complication

i have a magento webshop which has following rule in his base .htaccess file:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule .* index.php [L]
Now i have a subdirectory in the webshop root called "oscware". In this folder is also a htaccess file with following content:
AuthType Basic
AuthName "Please enter your ID and password"
AuthUserFile .htpasswd
require valid-user
if i want to connect to http://www.example.com/oscware/oscware-connector.php i will be redirected to the magento shop with error 404.
If i remove the rule
RewriteRule .* index.php [L]
it works. Ok everybody should think that the problem is in the rewrite condition. But it is NOT so. Because at the other side if i remove the rule
require valid-user
in the .htaccess file in the oscware directory it also works (with the rule
RewriteRule .* index.php [L]
)
At the end i can only edit the magento .htaccess in the webshop-root because the oscware .htaccess is automatically generated. Has anybody an idea to get this scenario working?
Thanks in advance!
Not sure why this is happening. The only thing that I can think of is maybe an internal 401 page is missing and that's somehow causing the rule in the document root to get applied. Unless there's other rules or redirects in the "oscware" or magento that is inadvertently causing this.
But try, in the htaccess file in your "oscware" folder, turn on the rewrite engine:
RewriteEngine On

Excluding single directory under protected Wordpress site from htpasswd protection

Despite a good deal of searching here I haven't been able to find the solution to this problem.
I have an .htaccess file that is protecting a Wordpress site that I am developing. I would like to protect the entire site except for the directory /images/, but I can't work out how to do this. At the moment my .htaccess file, in the root of the site, looks like this:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
# basic password protection
<IfModule mod_authn_file.c>
AuthUserFile /home/*****/.htpasswd
AuthName "Username and password required"
AuthType Basic
<Limit GET POST>
Require valid-user
</Limit>
</IfModule>
Could someone help me to amend this to allow open access to the /images/ directory?
Thanks,
Nick
You can create a new .htaccess-file in the /images/-directory:
Order Deny,Allow
Allow from all
Satisfy any
This should remove the password protection for this folder.

Resources