I did as the .htaccess instructions said. I created a passwords file, and then a .htaccess file. But, it does not prompt me for my username/password when I go to access the files inside that directory.
This is how my .htaccess file reads:
AuthType Basic
AuthName "Editors Only"
AuthUserFile /usr/local/apache/passwd/passwords
Require user tcovert
Where am I going wrong?
Below <Directory "/your/web/directory"> in httpd.conf is:
AllowOverride
Change it to:
AllowOverride AuthConfig
Then save httpd.conf and restart Apache.
I made the change and restarted. No luck.
Your .htaccess file should look as below:
AuthUserFile /your/location/to/password/file/.password_filename
AuthGroupFile /dev/null
AuthName "Your Pop Up Authentication window Name"
AuthType Basic
<Limit GET POST>
require valid-user
</Limit>
then go to /your/location/to/password/file/
and create .password_filename by using htpasswd command
Try that out! It works just fine.
Okay,
I made my .htaccess file look the same as you said. I put it inside the folder I want to protect. I created the password file elsewhere, named .htpasswd.
I try and go to a file in the protected directory, and it lets me in without even prompting me for user/pass.
Is there something else that needs to be changed in a conf file?
If it doesn't prompt u to the User aunthetication window then the problem should be on how you configured your apache.
Which platform do use to run your Web server?
But make sure your path to password file should be exactly as the one described in your .htaccess file
this means /your/location/to/password/file/
And the password file will have lines according to number of permitted users
e.g
username1:UsEr1paSSwd
username2:UsEr2paSSwd
I actuall had the same problem but the following solved it. I did the same what intenz told you about the allowoverride authconfig. Plus: You really gotta make sure the path to your passwordfile ist correct. For example at my apache-server it looks like:
AuthUserFile ./htdocs/admin/.htpasswd
The whole .htaccess file is like:
AuthType Basic
AuthName "Admin Area"
AuthUserFile ./htdocs/admin/.htpasswd
require user admin
I hope this will help ya.
Benjamin
I am no expert on http authentication, I just learned enough to make it work for my purposes, but this is the .htaccess file that worked for me:
AuthUserFile "/path/to/my/apache/bin/.htpasswd"
AuthName "Private Home Web"
AuthType Basic
<Limit GET POST>
order deny,allow
deny from all
allow from 192.168.0
require valid user
satisfy any
</Limit>
When I leave it commented the way it is, I can access it from my network without being prompted for a password. If I comment out 'satisfy any' and uncomment 'satisfy all' I get prompted for a password on the network, and cannot access it at all from outside the network.
It is recommended you put the access information in your httpd.conf file, but if you are putting .htaccess directives in the web folders I would also check your Apache httpd.conf file for these lines and make sure Apache is looking for the same file name as you have it saved as:
#
#
AccessFileName .htaccess
Okay,
I made some other changes in the httpd.conf file. It now prompts me for username and password...but it doesn't accept the username/password that I supply.
Now what is wrong?
My .htaccess is like this...
AuthUserFile /usr/local/www/.htpasswd
AuthGroupFile /dev/null
AuthName Private
AuthType Basic
require valid-user
Hope it helps.
It works now. Thanks all for your help.