Solved

.htaccess can't find passwd file -- have tried multiple paths

Posted on 2003-12-03
9
363 Views
Last Modified: 2012-05-04
I am trying to setup a secure area on our commercially hosted web site via .htaccess.  The ISP says this is supposed to work, but I have not had success. The .htaccess file is being read because I am being prompted for user name and password.  However, I cannot get into the directory. Error logs say "No such file or directory: Could not open password file: /www/.htpasswd"

As an ISP customer, I do not have access (read or write) to httpd.conf.  When I connect via ftp, my current directory is /www.  In that directory, I have a .htpasswd file. I have a subdirectory 'secureaccess' in www (/www/secureaccess).   In /www/secureacess/ , I have a .htaccess file.

My .htpasswd file is:
joe:encryptedyaddayadda
bob:encryptedwhatever

My .htaccess file is:
AuthType Basic
AuthName "Password Required -- "               
AuthUserFile /www/.htpasswd
require valid-user

I have wide-opened the permissions on .htaccess and .htpasswd and the directory /secureaccess/.

The ISP tech support says that /www is the root that I should use.  (From /www, however, I can cd.. all the way back to:
/usr/local/ft_apache/www ).

I've tried every path I can think of, but am apparently still not seeing the .htpasswd file.

Any suggestions/comments are appreciated

Chuck
0
Comment
Question by:jesterepsilon
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 9870372
does your AllowOverride contain AuthConfig in httpd.conf?
0
 

Author Comment

by:jesterepsilon
ID: 9870918
I don't have access to the httpd.conf (the ISP configures this).  The ISP does say that the .htaccess method works, so I assume that means that AllowOverride contains AuthConfig in the httpd.conf.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 9873659
ok, we assume AuthConfig is set
are you shure that the owner of the httpd can read your files?
is the path to the files correct?
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 15

Expert Comment

by:samri
ID: 9875709
hi Chuck,

Try to use

AuthUserFile .htpasswd

and check the error message.  By right by not using absolute path (one with / prefix), the file will be treated as coming from ServerRoot (http://httpd.apache.org/docs-2.0/mod/mod_auth.html#authuserfile).  From there we can figure out how the filesystem layout is made of.

another approach would be asking the ISP on the actual path (since they might be running apache and even ftp in chrooted env - where the path you see is not the path that the OS/apps is seeing.).

Have you tried AuthUSerFile /usr/local/ft_apache/www/.httpasswd ?

Check the permission on www itself.  Makesure it is readable by apache.




0
 

Author Comment

by:jesterepsilon
ID: 9875723
I know the .htaccess file is being read because it forces a password to get to that directory.  

I've got  /www/.htpasswd for the path which I believe is correct, however it does not work.  I've tried several different paths, but to no avail.
0
 
LVL 15

Expert Comment

by:samri
ID: 9876025
hi jesterepsilon,

Based on the error: Error logs say "No such file or directory: Could not open password file: /www/.htpasswd"

it may be possible that apache could not find the file.  try to rename the file to something else (.oldhtpasswd maybe), and check the error. I would think that it would still be the same.

How about the permission on /www?  is it readable by others ?
0
 

Author Comment

by:jesterepsilon
ID: 9878619
AuthUserFile .htpasswd  returns --    
/usr/local/fp_apache/.htpasswd    
in the error log


AuthUserFile /usr/local/ft_apache/www/.htpasswd returns --
/usr/local/ft_apache/www/.htpasswd
in the error log


AuthUserFile /www/.htpasswd returns --
/www/.htpasswd
in the error log    

Changing the file name  and the reference to it in AuthUserFile returns the same error msg (except with the new file name)
0
 
LVL 6

Accepted Solution

by:
rjdown earned 500 total points
ID: 9880241
Ho hum...

I'm suprised u can CD all the way back there... it's a bit of a security risk on the part of your ISP :O

But anyway, just to make sure of your location, try this:

Create a file called test.php containing this line of code:

<?php echo $_SERVER['DOCUMENT_ROOT'];?>

And put it in the same directory as your .htpasswd file.

Browse to this file, take the output and stick "/.htpasswd" on the end. That is where it should map to.

Also, make sure there are no blank lines in your .htpasswd file (take extra care at the end of the file) as this screws things up too.

Hope it works out for ya :D
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 9881331
> .. which I believe is correct,
this is not enough.
You need to know it for shure. 100% shure!
Please ask you ISP where and how to write the correct path.
Anything else is guessing ...
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Over the last year I have answered a couple of basic URL rewriting questions several times so I thought I might as well have a stab at: explaining the basics, providing a few useful links and consolidating some of the most common queries into a sing…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question