jesterepsilon
asked on
.htaccess can't find passwd file -- have tried multiple paths
I am trying to setup a secure area on our commercially hosted web site via .htaccess. The ISP says this is supposed to work, but I have not had success. The .htaccess file is being read because I am being prompted for user name and password. However, I cannot get into the directory. Error logs say "No such file or directory: Could not open password file: /www/.htpasswd"
As an ISP customer, I do not have access (read or write) to httpd.conf. When I connect via ftp, my current directory is /www. In that directory, I have a .htpasswd file. I have a subdirectory 'secureaccess' in www (/www/secureaccess). In /www/secureacess/ , I have a .htaccess file.
My .htpasswd file is:
joe:encryptedyaddayadda
bob:encryptedwhatever
My .htaccess file is:
AuthType Basic
AuthName "Password Required -- "
AuthUserFile /www/.htpasswd
require valid-user
I have wide-opened the permissions on .htaccess and .htpasswd and the directory /secureaccess/.
The ISP tech support says that /www is the root that I should use. (From /www, however, I can cd.. all the way back to:
/usr/local/ft_apache/www ).
I've tried every path I can think of, but am apparently still not seeing the .htpasswd file.
Any suggestions/comments are appreciated
Chuck
As an ISP customer, I do not have access (read or write) to httpd.conf. When I connect via ftp, my current directory is /www. In that directory, I have a .htpasswd file. I have a subdirectory 'secureaccess' in www (/www/secureaccess). In /www/secureacess/ , I have a .htaccess file.
My .htpasswd file is:
joe:encryptedyaddayadda
bob:encryptedwhatever
My .htaccess file is:
AuthType Basic
AuthName "Password Required -- "
AuthUserFile /www/.htpasswd
require valid-user
I have wide-opened the permissions on .htaccess and .htpasswd and the directory /secureaccess/.
The ISP tech support says that /www is the root that I should use. (From /www, however, I can cd.. all the way back to:
/usr/local/ft_apache/www ).
I've tried every path I can think of, but am apparently still not seeing the .htpasswd file.
Any suggestions/comments are appreciated
Chuck
does your AllowOverride contain AuthConfig in httpd.conf?
ASKER
I don't have access to the httpd.conf (the ISP configures this). The ISP does say that the .htaccess method works, so I assume that means that AllowOverride contains AuthConfig in the httpd.conf.
ok, we assume AuthConfig is set
are you shure that the owner of the httpd can read your files?
is the path to the files correct?
are you shure that the owner of the httpd can read your files?
is the path to the files correct?
hi Chuck,
Try to use
AuthUserFile .htpasswd
and check the error message. By right by not using absolute path (one with / prefix), the file will be treated as coming from ServerRoot (http://httpd.apache.org/docs-2.0/mod/mod_auth.html#authuserfile). From there we can figure out how the filesystem layout is made of.
another approach would be asking the ISP on the actual path (since they might be running apache and even ftp in chrooted env - where the path you see is not the path that the OS/apps is seeing.).
Have you tried AuthUSerFile /usr/local/ft_apache/www/. httpasswd ?
Check the permission on www itself. Makesure it is readable by apache.
Try to use
AuthUserFile .htpasswd
and check the error message. By right by not using absolute path (one with / prefix), the file will be treated as coming from ServerRoot (http://httpd.apache.org/docs-2.0/mod/mod_auth.html#authuserfile). From there we can figure out how the filesystem layout is made of.
another approach would be asking the ISP on the actual path (since they might be running apache and even ftp in chrooted env - where the path you see is not the path that the OS/apps is seeing.).
Have you tried AuthUSerFile /usr/local/ft_apache/www/.
Check the permission on www itself. Makesure it is readable by apache.
ASKER
I know the .htaccess file is being read because it forces a password to get to that directory.
I've got /www/.htpasswd for the path which I believe is correct, however it does not work. I've tried several different paths, but to no avail.
I've got /www/.htpasswd for the path which I believe is correct, however it does not work. I've tried several different paths, but to no avail.
hi jesterepsilon,
Based on the error: Error logs say "No such file or directory: Could not open password file: /www/.htpasswd"
it may be possible that apache could not find the file. try to rename the file to something else (.oldhtpasswd maybe), and check the error. I would think that it would still be the same.
How about the permission on /www? is it readable by others ?
Based on the error: Error logs say "No such file or directory: Could not open password file: /www/.htpasswd"
it may be possible that apache could not find the file. try to rename the file to something else (.oldhtpasswd maybe), and check the error. I would think that it would still be the same.
How about the permission on /www? is it readable by others ?
ASKER
AuthUserFile .htpasswd returns --
/usr/local/fp_apache/.htpa sswd
in the error log
AuthUserFile /usr/local/ft_apache/www/. htpasswd returns --
/usr/local/ft_apache/www/. htpasswd
in the error log
AuthUserFile /www/.htpasswd returns --
/www/.htpasswd
in the error log
Changing the file name and the reference to it in AuthUserFile returns the same error msg (except with the new file name)
/usr/local/fp_apache/.htpa
in the error log
AuthUserFile /usr/local/ft_apache/www/.
/usr/local/ft_apache/www/.
in the error log
AuthUserFile /www/.htpasswd returns --
/www/.htpasswd
in the error log
Changing the file name and the reference to it in AuthUserFile returns the same error msg (except with the new file name)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
> .. which I believe is correct,
this is not enough.
You need to know it for shure. 100% shure!
Please ask you ISP where and how to write the correct path.
Anything else is guessing ...
this is not enough.
You need to know it for shure. 100% shure!
Please ask you ISP where and how to write the correct path.
Anything else is guessing ...