.htaccess

hearn

I need to know how to delete entries from a .htaccess file. I have no idea where to begin on this one. How would I search for a username and password within a .htpasswd file, and then delete that line of the file and move all entries below that one up by one line? If someone can post some code for it I'd be VERY grateful. Thanks for your time and thanks in advance!

Bunkermaster

why use .htaccess and .htpasswd for that? you could have a mysql based security and it would be a lot easier to delete users...

hearn

Because I'm working with a buddy on his site and he wants it like he asks.... so do you know of a way?

NiXXeD

I personally have never used .htaccess files before, but I thought I remember seeing some info on apache's site... Maybe you ought to look there and see.

Bunkermaster

if your buddy thinks the easier way to go down to the ground floor from the 15th floor is jumping do you jump?
Don't mean to be rude but using a DB based security would be a LOT more efficient.]
😃

acey99

Originally posted by hearn
I need to know how to delete entries from a .htaccess file. I have no idea where to begin on this one. How would I search for a username and password within a .htpasswd file, and then delete that line of the file and move all entries below that one up by one line? If someone can post some code for it I'd be VERY grateful. Thanks for your time and thanks in advance!

what os - Linux/Unix, Win, Mac ???

if Linux/Unix then dou you know how to telnet (run shell)?

if so then cd to the folder wo ehre the .htassess file is & edit it with a text editor (VI or pico(

hearn

Originally posted by Bunkermaster
if your buddy thinks the easier way to go down to the ground floor from the 15th floor is jumping do you jump?
Don't mean to be rude but using a DB based security would be a LOT more efficient.]
😃

Might be more efficient, however, not as secure because third parties could access the database. Authentication denies based on user access, not a transfer of database text.

I'm using windows so i can't really use the telnet option that easy.

acey99

ok... still go to where the .htaccess file is, & remove/add what you need.

http://faq.clever.net/htaccess.htm

🙂

Delcypher

Firstly cuz of windows File ing system (FS) it cannot support the filename ".htaccess". you can change this in apaches config file
"httpd.conf"

U need 2 change the option "AllowOverride" option from what ever it is 2

AllowOverride AuthConfig

u need 2 change "AccessFileName .htaccess" 2
AccessFileName [what_ever].ht

(e.g webht.ht)

the .ht extension is good 2 use cuz apache blocks any1 accessing a file with that extention. then change
<Files ~ "^.ht">

to
<Files ~ "*.ht">

Save ur changes and restart the server

create a file in the directory u want protected called [what_ever_u_called_the_htaccess_file].ht (eg. webht.ht)

open it and the the following lines

AuthName "Restricted Stuff"
AuthType Basic
AuthUserFile c:/pwd/not_on_web_server/rs.ht

require valid-user

now run cmd.exe (winNT/2000/XP) or command.com (win9x/Me)

and type

cd c:\progra~1\apache~1\apache\bin\
or whereever apache is located
htpasswd -c [location of where 2 put the username + pwd file] [username]

eg.

htpasswd -c c:\pwd\not_on_web_server\rs.ht admin

plz note -c command tells it 2 write a new file
2 add users just use the same command without the -c command

now reopen

[what_ever_u_called_the_htaccess_file].ht

and make it

AuthName "Restricted Stuff"
AuthType Basic
AuthUserFile [location of user+pwd file using / slash not ]

require valid-user

Save it and test it

http://127.0.0.1/restricted_dir/

and it shud request 4 a username + password

Hope this helps

hearn

Originally posted by Delcypher
Firstly cuz of windows File ing system (FS) it cannot support the filename ".htaccess". you can change this in apaches config file
"httpd.conf"

U need 2 change the option "AllowOverride" option from what ever it is 2

AllowOverride AuthConfig

u need 2 change "AccessFileName .htaccess" 2
AccessFileName [what_ever].ht

(e.g webht.ht)

the .ht extension is good 2 use cuz apache blocks any1 accessing a file with that extention. then change
<Files ~ "^.ht">

to
<Files ~ "*.ht">

Save ur changes and restart the server

create a file in the directory u want protected called [what_ever_u_called_the_htaccess_file].ht (eg. webht.ht)

open it and the the following lines

AuthName "Restricted Stuff"
AuthType Basic
AuthUserFile c:/pwd/not_on_web_server/rs.ht

require valid-user

now run cmd.exe (winNT/2000/XP) or command.com (win9x/Me)

and type

cd c:\progra~1\apache~1\apache\bin\
or whereever apache is located
htpasswd -c [location of where 2 put the username + pwd file] [username]

eg.

htpasswd -c c:\pwd\not_on_web_server\rs.ht admin

plz note -c command tells it 2 write a new file
2 add users just use the same command without the -c command

now reopen

[what_ever_u_called_the_htaccess_file].ht

and make it

AuthName "Restricted Stuff"
AuthType Basic
AuthUserFile [location of user+pwd file using / slash not ]

require valid-user

Save it and test it

http://127.0.0.1/restricted_dir/

and it shud request 4 a username + password

Hope this helps

Windows can edit .htaccess files, i know this for a fact because i have a script that adds usernames and passwords without any error, i just need to know how to seek and delete a line from within a .htpasswd file.

Bunkermaster

I guess you'd need to look for a username and the delimiter then the end of line (CRLF, LF or CR?) then reconstruct the file hoping that noone tried to connect while you were actually fooling around with the security 😃