htaccess [Archive] - WebDeveloper.com

Click to See Complete Forum and Search --> : htaccess

Stormblast

03-15-2007, 03:54 PM

(forgive me if this is the wrong forum)

I've got a website (prefer not to list) that is password protected using htaccess. The problem I am having is that users are keep on having to login multiple times to stay logged in. My thought is that their web browser security settings are preventing my site to store cookies to keep them logged in. How can I adjust my htaccess code so that these users dont have to worry about adjusting anything with their web browser?

This is what's in my htaccess file:

AuthName "members"
AuthType Basic
AuthUserFile "/services/webpages/b/i/mysite.org/public/.htpasswd"
<Limit GET POST PUT>
require valid-user
# Order deny,allow
# Deny from all
# Allow from all
</Limit>

Forgive me if I havent been clear enough or if I even posted the wrong code, I'm dumb when it comes to site security.

Thanks in advanced.

ray326

03-15-2007, 05:07 PM

Is this in the doc root for your site? When do they get prompted for more authentications?

Stormblast

03-15-2007, 05:35 PM

Thanks for your reply. Yes its in the root folder.

They get prompted again while browsing the site.

bustya

03-15-2007, 06:21 PM

Is this for a bulletin board login? I had the same problem with members staying logged in at my bulletin board. I solved it though. When I wrote the links to the BB on other pages of my site I included "www". In my case, this was incorrect. The correct link to my forum was "http://mydomain/forum" rather than "http://www.mydomain/forum". Don't know if that helps, just thought I'd share.

Stormblast

03-15-2007, 06:34 PM

Unfortunately its not a a bulletin board. Its for the main root folder.

Stormblast

03-15-2007, 09:53 PM

not meaning to bug, but does anyone have any clues on this one??

Thanks.

Stormblast

03-16-2007, 09:52 PM

I don't mean to be a pain, but are there any .htaccess gurus out there to help me with my issue above??

Thanks.

Nedals

03-17-2007, 12:20 AM

Here's what I have used in the past. Note the AuthGroupFile. It MAY solve your problem. I have never used .htaccess in the webroot directory. If you cannot get it to work, you may want to put the protected page is a different directory, with a link (timed out maybe) on the index.html page

AuthUserFile /full/path/to/.htpasswd
AuthGroupFile /dev/null (comment only - Unix way of saying group file does not exist)
AuthName "Any text you want"
AuthType Basic
<Limit GET POST>
require valid-user
</Limit>

Stormblast

03-17-2007, 02:47 AM

Thanks for responding Nedals. I will give your recommendation a try.

Thanks again.