.htaccess no effect

My goal is to password protect site:
(site is avaible in /var/www)

I have put an .htaccess into /var/www/.htaccess


here is the content:
Authname "login"
AuthUserFile /var/www/.htpasswd
AuthType Basic
require valid-user

Open in new window

I have the mod rewrite enable as shown in:

Loaded Modules       core mod_log_config mod_logio prefork http_core mod_so mod_actions mod_alias mod_auth_basic mod_authn_file mod_authz_default mod_authz_groupfile mod_authz_host mod_authz_user mod_autoindex mod_cgi mod_deflate mod_dir mod_env mod_fcgid mod_include mod_mime mod_negotiation mod_php5 mod_reqtimeout mod_rewrite mod_setenvif mod_ssl mod_status mod_suexec mod_suphp

and NOTHING: it seems .htaccess has no effect at all

What am I doing wrong ?
Who is Participating?
Maximus5684Connect With a Mentor Commented:
Go into your httpd.conf file (or your virtual directory file, whichever defines your main directory) and move the text from your .htaccess file into this file under the <Directory> tag. This will give the same effect, but you won't have to worry about whether .htaccess files are being processed or not. It will also not slow down your Apache server as much.

Also, make sure to move your password file out of your root web directory. Even though it isn't accessible, it is best to not keep it in a web-accessible directory. Here is the Apache doc on authentication that gives tips on authentication and authorization:

Do you have access to the server's configuration files? If so, this should be done there instead. If not, processing of the .htaccess files may be disabled with an AllowOverride directive which could be the cause of this not working.
proxymisAuthor Commented:
yes I have ROOT access to server: what should I do ?
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.