axtur
asked on
Configure .htaccess and .htpasswd to password-protect folder
I want to protect my site (certain subdomain pointing to a folder), using the .htaccess and .htpasswd files, I don't know really where to place them, lets say i want to protect the full main domain (for testing purposes, later i will only protect a subdomain), and use the next test user and passwords, this is a capture also of the "home" folder that my hosting company shows me when I log in using filezilla:
Content of:
.htaccess
AuthName "Restricted Area"
AuthType Basic
AuthUserFile /home/.htpasswd
AuthGroupFile /dev/null
require valid-user
.htpasswd
wsabstract:NDVUFz1uLUfeI
*keep in mind that the password is already encrypted using the next tool, the actual password is the same as the username, as i said for testing purposes:
http://www.tools.dynamicdrive.com/password/
homefolder.JPG
Content of:
.htaccess
AuthName "Restricted Area"
AuthType Basic
AuthUserFile /home/.htpasswd
AuthGroupFile /dev/null
require valid-user
.htpasswd
wsabstract:NDVUFz1uLUfeI
*keep in mind that the password is already encrypted using the next tool, the actual password is the same as the username, as i said for testing purposes:
http://www.tools.dynamicdrive.com/password/
homefolder.JPG
MMDeveloper
so what's the problem, it not prompting for a password?
this is one of my .htaccess'
AuthUserFile /var/www/.htpasswd
AuthName "Database Administration"
AuthType Basic
require valid-user
Options -Indexes
I've supplied the absolute path to the .htpasswd file
to populate the .htpasswd file you use:
htpasswd /path/to/.htpasswd/file username
<enter>
enter password
<enter>
confirm password
<enter>
The .htaccess will go in the directory you want to protect.
AuthUserFile /var/www/.htpasswd
AuthName "Database Administration"
AuthType Basic
require valid-user
Options -Indexes
I've supplied the absolute path to the .htpasswd file
to populate the .htpasswd file you use:
htpasswd /path/to/.htpasswd/file username
<enter>
enter password
<enter>
confirm password
<enter>
The .htaccess will go in the directory you want to protect.
ASKER
It's prompting a password, but not accepting it, user and password are the same.
wsabstract
(ps, i give this username and password just for testing purposes since its forbidden by EE rules to give out usernames and passwords)
Is the encryption correct? How do i check the encryption made by my server? I've found out that several pages that generate .htpasswd files, would give different encrypted passwords for the same non-encrypted password.
wsabstract
(ps, i give this username and password just for testing purposes since its forbidden by EE rules to give out usernames and passwords)
Is the encryption correct? How do i check the encryption made by my server? I've found out that several pages that generate .htpasswd files, would give different encrypted passwords for the same non-encrypted password.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.