Protected dir asks for user/pwd twice if the ending slash is missing in URL

I am using .htaccess/.htpasswd to secure a directory (ex: http://www.domain.org/preview/) but notice that the username/password entry screen works differently in two different scenarios:

1. If I use the URL: http://www.domain.org/preview/, it only asks for username/password ONCE, which is what I want it to do.
2. But if I use the URL : http://www.domain.org/preview (notice no ending slash) it asks for the username/password TWICE and after entering it the second time it successfully loads the page but it redirects to http://domain.org/preview/ (notice www. is now missing).

Why is this happening?  I am afraid users are getting the username/pwd screen twice and might say 'forget this' and not look at the site.

Any thoughts?

Thanks.
LVL 1
djs120Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ramazanyichCommented:
It is because on your server config file ServerName directive is not set correctly for you VirtualHost:
It should be:
<VirtualServer www.domain.org:80>
ServerName www.domain.org
#some other directives
.......
</VirtualServer>


0
djs120Author Commented:
Just FYI, our webserver hosts 5 different websites, so we use virutal hosts, and in my VHost.conf file I have the following:

<VirtualHost 123.123.123.123>
        ServerName domain.org
        ServerAlias www.domain.org
        ServerAlias ...... (and then I have lots of other alias' for this domain)
        #some other directives

So you are saying I should change the "ServerName domain.org" to "ServerName www.domain.org"?  It seems like our hosting company has all 5 of our websites that are hosted on this server set up the same wway with ServerName missing the "www.".  Should this be changed for all domains and will it have adverse affects on anything?  If we change that to add the "www." and then try to browse to "httP://domain.org" will it still work?

Thanks!
0
ramazanyichCommented:
the difference of ServerName and ServerAlias (according to doc from apache.org):
ServerName -The ServerName directive sets the hostname and port that the server uses to identify itself. This is used when creating redirection URLs. If you are using name-based virtual hosts, the ServerName inside a <VirtualHost> section specifies what hostname must appear in the request's Host: header to match this virtual host.

ServerAlias - The ServerAlias directive sets the alternate names for a host. (not used for construction of redirect URLS.

So there are two possibilities:
1. you set ServerName www.domain.org and
ServerAlias domain.org
2. You can avoid usage of ServerName for redirection URL construction by using directive UseCanonicalName:
UseCanonicalName off

With UseCanonicalName Off Apache will form self-referential URLs using the hostname and port supplied by the client if any are supplied

For more detailed explanation see check apache.org site:
http://httpd.apache.org/docs-2.0/mod/core.html#servername
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

djs120Author Commented:
Thanks for the help, I emailed my hosting company to make these changes, so I'll wait to hear back from them.

I'm increasing point value for this question because you're putting more effort in than 125 points worth (in my opinion).

Thanks.
0
ramazanyichCommented:
Thanks, hope my suggestions will work.
0
djs120Author Commented:
You were right, I did step # 1 above:
1. you set ServerName www.domain.org and
ServerAlias domain.org

My hosting company actual created a VHost_custom.conf file which is loaded before VHost.conf, since VHost.conf is automatically re-generated each time I create a new account on our dedicated box, and it worked out perfectly.

Thanks!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Apache Web Server

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.