Solved

.htaccess protection won't accept my password

Posted on 2011-09-19
9
331 Views
Last Modified: 2012-08-13
I followed these instructions exactly to protect a folder on my website:
http://www.elated.com/articles/password-protecting-your-pages-with-htaccess/

When trying to access a file within that folder via my browser, I am prompted for username and password but the username and password I chose does not work.

How do I fix this?
0
Comment
Question by:lukeprog
9 Comments
 
LVL 9

Expert Comment

by:parparov
ID: 36563640
Is your AuthUserFile pointing to a correct passwd file?
Is this passwd file readable by apache?

If you can paste here:
* .htaccess contents
* passwd file contents
* passwd file permissions

that may prove helpful.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36563644
Paste your .htaccess file please.
0
 

Author Comment

by:lukeprog
ID: 36563691
.htaccess:

AuthUserFile /domains/lukeprog.com/html/Friendly-AI.com/.htpasswd
AuthType Basic
AuthName "My Secret Folder"
Require valid-user

Open in new window


.htpasswd:

gogogo:UZQy3VXatVBHE

Open in new window


(I'll change the username and password later; not a big deal.)

Permissions on both files are currently 777.

Web page is:
http://lukeprog.com/Friendly-AI.com/index.html

0
 
LVL 9

Expert Comment

by:parparov
ID: 36563813
You need to "AllowOverride AuthConfig" in your apache configuration for this protected directory. And restart apache after this modification.

And if you don't mind, what was the original password? What we see is the encrypted version.

You may also have the error message in your apache error log.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:lukeprog
ID: 36563834
Original password is:

turing

Open in new window


What do I do in the Apache configuration? Not sure where that is. Does this screenshot give you any guesses?
Screen-Shot-2011-09-19-at-3.19.5.png
0
 
LVL 9

Expert Comment

by:parparov
ID: 36563937
Oh, you're running on a hosting.

I am not familiar enough with panels of hosting services; you may find it easier to ask the hosting provider about the issue. Sometimes the hosting providers have explicit instructions on .htaccess setup.
0
 
LVL 6

Accepted Solution

by:
jjperezaguinaga earned 500 total points
ID: 36570294
Greetings lukeprog,

Try to set up your .htaccess options in the following order:

AuthName
AuthType
AuthUserFile
Require valid-user

Also, I'm pretty sure your AuthUserFile is wrong, as you include a .com in the path where an absolute path your file should be provided. For instance, my path is something like this

/home/content/a/b/c/albocar/.htpasswd

and my sites are on

/home/content/a/b/c/albocar/html/_sites/site1
/home/content/a/b/c/albocar/html/_sites/site2/.htacess (protected site)

What worked for me is that I put the .htpasswd in the root file of my web server, (the first directory that appears when you FTP your account) and copied the absolute path from the ftp path. If you need help to know what's your absolute path, you can get a FTP client such as FileZilla or ask your hosting provider for help.

Best regards,
-JJ
0
 
LVL 13

Expert Comment

by:LinuxGuru
ID: 36592093
Could you let me know the name of your hosting control panel? Is it Plesk panel or Direct admin or something like that? From the screenshot I'm unable to determine the name of your hosting control panel.
0
 

Author Closing Comment

by:lukeprog
ID: 36593135
Thanks!
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now