Solved

problems with .htaccess on Apache2

Posted on 2010-08-20
8
602 Views
Last Modified: 2013-11-05
Dear Expert:

I have installed apache2 on a Debian and add a .htaccess file with this content:

AuthUserFile /var/www/.htpasswd
AuthName "myuser"
AuthType Basic
require valid-user


I have added "myuser" linux user, and I have also created the .htpasswd file with this command:
htpasswd -c .htpasswd myuser

When I try to access to this web, it appears de authentication popup, but when enter user and password and internal Server Error is showed.

What I'm doing wrong ?

Thank you.
0
Comment
Question by:gplana
  • 4
  • 2
  • 2
8 Comments
 
LVL 6

Expert Comment

by:JRoyse
ID: 33487898
1. I don't believe you need "AuthName 'myuser"

2.You can put a "DirectoryIndex index.html" if for example you have an index.html that it is to serve up after the Auth.

3. Does the webserver serve a page without the .htaccess file (Example: rename the .htaccess file and see if a page loads)

4. Does the apache or httpd service have enough permission to read the .htaccess and .htpasswd files?

5. Did you check in the /var/log/httpd/error.log file or equivalent after you get the error?

6. Does your .htpasswd have one line like: "myuser:sCraMbLeDChArs"

0
 
LVL 15

Author Comment

by:gplana
ID: 33488601
Thank you for your answer. I'm answering  your points ->
1. I followed instructions I found on internet
2.  Yes, this is the default configuration, so I think that is already done.
3. Yes. The webserver serve the index page if there isn't the .htaccess file. (it worked before I add the .htaccess file)
4.  .htaccess and .htpasswd have the same permisions as index.html file> rw-r--r--
5. The error log says> could not open password file> /var/www/.htpasswd
6. Yes.
 
0
 
LVL 16

Expert Comment

by:HackneyCab
ID: 33489805
Well, this isn't the source of your trouble, but I will point out that AuthName sets the authentication realm, not the username required, so calling it "myuser" seems a mistake. A better example would be:

AuthName "Secret Admin Area"

As the error log says "Could not open password file /var/www/.htpasswd" then it is very likely that your .htpasswd file is either not readable due to permissions, or there is no .htpasswd file on your machine in the /var/www directory. Have you checked that the owner and group of the file permits your Apache server? Use:

ls -l /var/www

to see the full details of the content of the /var/www directory, including the owner and group assigned to each file. Every time I create new documents in my /var/www directory, I have to change the owner and group to "apache" and "webdev" so that Apache can read it and I can edit it. (My user account is in the "webdev" group.) This is because files I create are automatically created with my account as owner and placed in my group.
0
 
LVL 15

Author Comment

by:gplana
ID: 33492828
I make a ls -al and, as I said before, permisions are rw-r--r--. User and group was root, and I changed to www-data, which I see is te user who executes apache2 daemons (I see that by using ps -ef). User apache doesn't exists on my system.
Problem is still the same. Any other idea ?
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 6

Accepted Solution

by:
JRoyse earned 500 total points
ID: 33501367
read permission should work without any trouble - maybe there is a typo or space in the names.

I would change the .htaccess to read: AuthUserFile /var/www/user-list

and then copy the .htaccess to /var/www/user-list

Make sure the file permissions opened up - then try again.  
0
 
LVL 15

Author Closing Comment

by:gplana
ID: 33502611
I think there would be any kind of error about the pat. I changed the path for index.html and copyied .htaccess and .htpasswd files in there and it works.

Thank you for your help. It's good to know there is someone on the other side.
0
 
LVL 16

Expert Comment

by:HackneyCab
ID: 33502658
Weird that it didn't work as it was.

Don't forget to change the AuthName to an authentication realm rather than a username. The authentication realm is useful if you want to allow one login to be valid for more than one directory / page.
0
 
LVL 15

Author Comment

by:gplana
ID: 33503632
Sorry but.... what is an authentication realm ?
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

It is possible to boost certain documents at query time in Solr. Query time boosting can be a powerful resource for finding the most relevant and "best" content. Of course the more information you index, the more fields you will be able to use for y…
In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now