Solved

How to create an .htacess file to pasword protect a directory.

Posted on 2007-04-10
17
166 Views
Last Modified: 2010-04-09
What goes into an .htaccess file to password protect a directory?

Right now we have no .htaccess file

Thanks!
0
Comment
Question by:weikelbob
  • 8
  • 7
  • 2
17 Comments
 
LVL 24

Expert Comment

by:slyong
ID: 18886487
0
 
LVL 7

Author Comment

by:weikelbob
ID: 18886588
How do I come up with my root URL?

0
 
LVL 24

Expert Comment

by:slyong
ID: 18886650
your Webroot is where you upload your html files to.
0
MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

 
LVL 7

Author Comment

by:weikelbob
ID: 18886687
Yes, but don't I need my php settings to find the whole URL?

0
 
LVL 24

Expert Comment

by:slyong
ID: 18886732
Nope, .htaccess is a feature of apache and has nothing to do with php.  Your webroot directory is where you have your index.html.  Depending on the server setting, it might be /var/www/html, /home/vhosts/yourdomain.com/httpdocs, etc.
0
 
LVL 7

Author Comment

by:weikelbob
ID: 18886745
How do I find my webroot directory?
0
 
LVL 24

Expert Comment

by:slyong
ID: 18886798
Where do you upload your html files to?
0
 
LVL 7

Author Comment

by:weikelbob
ID: 18886972
I just use FTP. My FTP program doesn not give me the full directory.
0
 
LVL 24

Expert Comment

by:slyong
ID: 18887077
That directory is your webroot directory.  Do you have any other access to the server, like Control Panel, ssh, etc?
0
 
LVL 10

Expert Comment

by:NeoDiffusion
ID: 18888284

Hello,

To know what is your absolute path, simply create the following PHP file, and upload whith your your other files:
-- begin file whereami.php --
<?php
echo  getcwd();
?>
-- end file whereami.php --

Then, in your browser, type http://www.yoursite.tld/whereami.php

Don't forget to remove this file, this information could be used by hackers.

Rgds,
Werner.
0
 
LVL 7

Author Comment

by:weikelbob
ID: 18894947
Cool. Let me try that php function
0
 
LVL 7

Author Comment

by:weikelbob
ID: 18948927
OK.

I've been using you guys' links.

I have my admin directory password protected, but you can view files inside the admin directory without a username and password. How do I password protect an entire directory?

I tried password protecting single files with no luck. I used NeoDiffusion's script to get the root. I'm using the Dynamic Drive link to generate the htaccess and htpasswd text.

What could I be doing wrong?
0
 
LVL 10

Accepted Solution

by:
NeoDiffusion earned 250 total points
ID: 18949543
Hello,

If you can view inside the protected directory without login/password, then your folder is NOT protected (except if you provided once the data: it's saved during your whole session).

Here is a recap:

You should have your .htpassword file in a secret folder. This folder should contain a .htaccess file with following content:
--
deny from all
--
To make sure that nobody can access your password file

Then, your admin folder should contain a .htaccess file, with something like:
--
AuthUserFile /full/path/to/.htpasswd
AuthType Basic
AuthName "My Secret Folder"
Require valid-user
--

Read http://www.elated.com/articles/password-protecting-your-pages-with-htaccess/
for detailed instructions.

Rgds,
Werner.
0
 
LVL 7

Author Comment

by:weikelbob
ID: 18950619
@NeoDiffusion and slyong

I've tried all of the links in this post and the same thing is happening.

The site is hosted with Godaddy and they won't talk to me about htaccess. They say that their cpanel doesn't password protect directories, and they said to use htaccess, but they don't support the configuration of htaccess.

The thing that keeps happening when I try to password protect a directory is that if I go to the directory directly

www.basilnthyme.com/admin

I get the password protection screen.

If I go directly to the pages within the directory, it lets me through - like

www.basilnthyme.com/admin/admin.php

Any ideas?
0
 
LVL 24

Expert Comment

by:slyong
ID: 18950935
Hi weikelbob,

Could you please tell us what have you done?  In particular if you can show us what does your .htaccess looks like and .htpasswd looks like and where do you put the files into?
0
 
LVL 7

Author Comment

by:weikelbob
ID: 18953191
OK.

.htaccess:
AuthUserFile /home/content/p/r/e/preetiwaas/html/admin/.htpasswd
AuthType Basic
AuthName "My Secret Folder"
Require valid-user

.htpasswd:
preetiwaas:98t3DleUAYy/k

I put the files in www.basilnthyme.com/admin
0
 
LVL 24

Assisted Solution

by:slyong
slyong earned 250 total points
ID: 18953289
Hi weikelbob,

I have done some reading.  GoDaddy has a problem with the .htaccess and there is no way around it.  There is a way that use .html as a .php program but it is going to be quite messy.  The references is here:

http://forums.oscommerce.com/lofiversion/index.php/t193134.html
http://forums.devshed.com/apache-development-15/apache-config-on-shared-host-does-not-protect-php-files-321868.html

So, basically sorry, the .htaccess method that you use and did is correct but due to GoDaddy's configuration, you can't protect your php file.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Today, the web development industry is booming, and many people consider it to be their vocation. The question you may be asking yourself is – how do I become a web developer?
Although a lot of people devote their energy toward marketing for specific industries, there are some basic principles that can be applied to any sector imaginable. We’ll look at four steps to take and examine how those steps were put into action fo…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question