www.webdeveloper.com
Results 1 to 5 of 5

Thread: .htaccess and .htpasswd

  1. #1
    Join Date
    Mar 2006
    Posts
    2

    .htaccess and .htpasswd

    I'm having some trouble with this. I believe I stored the files and changed the permissions properly, but access is still given to all. This is what I did:

    Create a .htpasswd file with the generated password,
    i.e. admin:9tt7mvJ3Q7Ceo

    I stored this file in a directory that I will specify in a .htaccess file

    I then created the .htaccess file within the protected directory.
    i.e. AuthUserFile /absolutepath/.htpasswd
    AuthGroupFile /dev/null
    AuthName test
    AuthType Basic

    <Limit GET>
    require user admin
    </Limit>

    Btw, I'm using UNIX, and I did chmod 644 to the .htaccess and .htpasswd files and then a chmod 711 to both directories individually(wasn't sure which one to do it to). I did them independently too, by creating a new directory and not using the one that had already permissions set.

    Can anyone point out anything that I may be doing incorrectly.

    Thanks

  2. #2
    Join Date
    Oct 2005
    Posts
    31
    Hello jeeva86,

    I am suprised nobody replied so far as this is a rather simple function for a website.

    Here is how to setup this feature:

    a) '.htpassword' file:
    The structure of your file '.htpassword' file looks okey, although
    of course I don't know your password.

    Assuming you encrypted the admin password correctly, then safe the '.htpassword' file into a folder called 'data' in your root directory
    (e.g. '/home/yourrootdirectory/data/.htpasswd') and set permissions to '644'.


    b) '.htaccess' file:
    The content of your '.htaccess' file should follow this format:

    AuthType Basic
    AuthName "Login Area"
    AuthUserFile /home/yourrootdirectory/data/.htpasswd
    <Limit GET POST>
    require user admin
    </Limit>

    Safe the '.htaccess' file into any folder you want to be password-protected
    and set permissions to '644'.

    Hope that works for you.

  3. #3
    Join Date
    Aug 2005
    Posts
    70
    If you keep on that trouble, use only server-side validation with PHP.

    http://www.devshed.com/c/a/PHP/Creat...-Login-Script/

  4. #4
    Join Date
    Apr 2005
    Location
    Bathurst, NSW, Australia
    Posts
    3,357

  5. #5
    Join Date
    Mar 2006
    Posts
    2
    hey azuremain, thanks for your help, but one question do I set the permissions to the folder or the file?

    Quote Originally Posted by azuremain
    Hello jeeva86,

    I am suprised nobody replied so far as this is a rather simple function for a website.

    Here is how to setup this feature:

    a) '.htpassword' file:
    The structure of your file '.htpassword' file looks okey, although
    of course I don't know your password.

    Assuming you encrypted the admin password correctly, then safe the '.htpassword' file into a folder called 'data' in your root directory
    (e.g. '/home/yourrootdirectory/data/.htpasswd') and set permissions to '644'.

    b) '.htaccess' file:
    The content of your '.htaccess' file should follow this format:

    AuthType Basic
    AuthName "Login Area"
    AuthUserFile /home/yourrootdirectory/data/.htpasswd
    <Limit GET POST>
    require user admin
    </Limit>

    Safe the '.htaccess' file into any folder you want to be password-protected
    and set permissions to '644'.

    Hope that works for you.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles