Trying to password protect webpages, Having trouble logging in |
Trying to password protect webpages, Having trouble logging in |
czwief |
Jun 2 2009, 10:16 AM
Post
#1
|
Group: Members Posts: 3 Joined: 2-June 09 Member No.: 8,770 |
Hi everyone,
I'm trying to password protect a couple of webpages on my server. I'm creating a sample website where I work to give advertisers an easy place to look at stuff we've done for them. Can someone help me figure out what I'm doing wrong here? The website is here: http://www.tc.umn.edu/~zwief005 Here are the codes for a couple of the pages... Under the "qwest" directory, here's the .htaccess: CODE AuthType Basic AuthName "restricted area" AuthUserFile \protect\qwest\.htpasswd require qwest And the qwest .htpasswd: CODE qwest:qwest Dodge's .htaccess: CODE AuthType Basic AuthName "restricted area" AuthUserFile \~zwief005\protect\dodge\.htpasswd require valid-user Dodge's .htpasswd: CODE dodge:dodge If you need any more information, please let me know. Thanks in advance! |
pandy |
Jun 2 2009, 10:43 AM
Post
#2
|
🌟Computer says no🌟 Group: WDG Moderators Posts: 20,753 Joined: 9-August 06 Member No.: 6 |
The Dodge's one looks correct, except you should use the absolute path to the pw file and the slashes are slanted in the wrong direction.
The absolute path on Linux could (but mustn't) look something like /home/sites/you/somedirectory/.htpasswd . It's the path from the root, same as C:\... on Windows. Also, the passwords should be encrypted in the .htpasswd file. This walkthrough looks as good as any. There's a link to an encryption tool to. http://www.javascriptkit.com/howto/htaccess3.shtml |
czwief |
Jun 2 2009, 11:25 AM
Post
#3
|
Group: Members Posts: 3 Joined: 2-June 09 Member No.: 8,770 |
The Dodge's one looks correct, except you should use the absolute path to the pw file and the slashes are slanted in the wrong direction. The absolute path on Linux could (but mustn't) look something like /home/sites/you/somedirectory/.htpasswd . It's the path from the root, same as C:\... on Windows. Also, the passwords should be encrypted in the .htpasswd file. This walkthrough looks as good as any. There's a link to an encryption tool to. http://www.javascriptkit.com/howto/htaccess3.shtml Thanks, that was helpful. However, it still isn't working -- I think I found the absolute path to the file in Dreamweaver, but it's still not exactly working. Here's what I've edited it to (only doing Qwest's for convenience sake): CODE AuthName "Restricted Area" AuthType Basic AuthUserFile /home/z/zwief005/web-docs/protect/qwest/.htpasswd AuthGroupFile /dev/null require valid-user That's .htaccess. Here's .htpasswd: CODE west:rAmVmwS842YPE Is it possible that's not the absolute path? I found that path in Dreamweaver when I expanded to show both the local and remote sites. Once you see "/protect/qwest/.htpasswd," that's the directory I created for it. Once again, you can test this out here. |
pandy |
Jun 2 2009, 12:50 PM
Post
#4
|
🌟Computer says no🌟 Group: WDG Moderators Posts: 20,753 Joined: 9-August 06 Member No.: 6 |
Looks like a likely path. To be sure, copy the below to a new document, name it something.shtml and upload it to the same folder where you have the .htpasswd. It's accessible from the web, right? Then call the new file up in your browser and you should see the server path on the last line. I included the the lines on top just so you can see what each SSI directive does.
CODE <html> <head> <title></title> </head> <body> DOCUMENT_ROOT: <!--#echo var="DOCUMENT_ROOT" --><br> DOCUMENT_URI: <!--#echo var="DOCUMENT_URI" --> <br><br> DOCUMENT_ROOT+DOCUMENT_URI:<br> <!--#echo var="DOCUMENT_ROOT" --><!--#echo var="DOCUMENT_URI" --> </body> </html> |
czwief |
Jun 2 2009, 02:06 PM
Post
#5
|
Group: Members Posts: 3 Joined: 2-June 09 Member No.: 8,770 |
Looks like a likely path. To be sure, copy the below to a new document, name it something.shtml and upload it to the same folder where you have the .htpasswd. It's accessible from the web, right? Then call the new file up in your browser and you should see the server path on the last line. I included the the lines on top just so you can see what each SSI directive does. CODE <html> <head> <title></title> </head> <body> DOCUMENT_ROOT: <!--#echo var="DOCUMENT_ROOT" --><br> DOCUMENT_URI: <!--#echo var="DOCUMENT_URI" --> <br><br> DOCUMENT_ROOT+DOCUMENT_URI:<br> <!--#echo var="DOCUMENT_ROOT" --><!--#echo var="DOCUMENT_URI" --> </body> </html> I did that and found out the paths were different. However it still didn't work -- the username/password popup worked just fine but when I entered in either username/password combo it didn't work (dodge/dodge and qwest/qwest). Any ideas? Could it be the University's server I'm hosting it on? Here's the code for .htaccess now: CODE AuthType Basic AuthName "restricted area" AuthUserFile /var/opt/apache/docs/~zwief005/protect/dodge/.htpasswd require valid-user |
pandy |
Jun 2 2009, 02:21 PM
Post
#6
|
🌟Computer says no🌟 Group: WDG Moderators Posts: 20,753 Joined: 9-August 06 Member No.: 6 |
Don't know, but I don't think so. If you weren't allowed to use it I don't think you would get the prompt.
BTW I move this to the Web Server Configuration forum. |
imort |
Jun 18 2016, 07:45 AM
Post
#7
|
Group: Members Posts: 7 Joined: 18-June 16 Member No.: 24,338 |
Dodge's .htpasswd: CODE dodge:dodge If you need any more information, please let me know. Thanks in advance! Hey You need to provide the user password hash in the .htpasswd file instead of plain text password. Take a look here for the usable tool: http://www.htaccesstools.com/htpasswd-generator/ You also need to use the absolute path to the file and make sure that apache has read permissions to this file too. Check which user the apache process is running by and check file permissions. You can also change the file owner to that user to keep it simple. |
Lo-Fi Version | Time is now: 26th September 2024 - 08:32 PM |