| Author |
|
JayTB
Joined: 23 Oct 2007
Posts: 3
Location: Northern Calif
|
 Posted: Tue 23 Oct '07 22:18 Post subject: htaccess |
 |
|
I installed 2.2.6 on a Win XP computer and put a page on it, setup DNS and everything works fine.
However, the page is for family members only. Since I'm not sure how to set up security I want to block all other access to the page.
I placed a .htaccess file in the same folder as my index page (htdocs) and placed the .htpasswd file up one level.
contents of files:
.htaccess=
AuthName "Restricted Area"
AuthType Basic
AuthUserFile /Apache2.2/.htpasswd
AuthGroupFile /dev/null
require valid-user
.htpasswd=
Jeremiah:ICFRi5voFvbcw
When I enter the address in a browser it goes directly to the page and does not challenge with a pop-up.
I used notepad to make the 2 files and they show up as .htaccess and .htpasswd
What am I doing wrong? |
|
| Back to top |
|
tdonovan
Moderator
Joined: 17 Dec 2005
Posts: 611
Location: Milford, MA, USA
|
| Posted: Tue 23 Oct '07 23:51 Post subject: |
|
|
Two possibilities:1. Make sure you changed AllowOverride None to AllowOverride AuthConfig in your \Apache2.2\conf\httpd.conf file.
The AllowOverride directive that you want to change is inside the <Directory> block for your web root directory.
By default .htaccess files are not allowed - but this directive enables them.
2. Check the filenames with the dir command in a command window to see if Notepad has silently renamed your .ht* files to .txt.
If so, use the rename command to fix them. -tom- |
|
| Back to top |
|
JayTB
Joined: 23 Oct 2007
Posts: 3
Location: Northern Calif
|
| Posted: Wed 24 Oct '07 1:08 Post subject: |
|
|
I replaced the "None" with "AuthConfig" and got a "500 Internal Server Error"
This is what I did;
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride AuthConfig
I'll keep trying.
added; I changed back to None and I have access but still no login.
Last edited by JayTB on Wed 24 Oct '07 5:35; edited 1 time in total |
|
| Back to top |
|
tdonovan
Moderator
Joined: 17 Dec 2005
Posts: 611
Location: Milford, MA, USA
|
| Posted: Wed 24 Oct '07 4:13 Post subject: |
|
|
If you look in \Apache2.2\logs\error.log you may find a better explanation of what caused the 500 error.
If there is not enough information; you can find the directive LogLevel warn and change it to LogLevel debug - then restart Apache.
Without AllowOverride AuthConfig your .htaccess file will be ignored, so the problem seems to be something with your .htaccess file, or maybe your .htpasswd file.
-tom- |
|
| Back to top |
|
JayTB
Joined: 23 Oct 2007
Posts: 3
Location: Northern Calif
|
| Posted: Wed 24 Oct '07 5:34 Post subject: |
|
|
As was suggested I looked in the error log and found the problem.
The path it was looking for the .htpasswd file began C:/ with a full path to the file. You can see in my orig post what I had.
Once I entered the entire path in the .htaccess file and changed the line in the httpd file to "AllowOverride AuthConfig" everything is working.
Now I want to learn how to make the server secure.
I am sure I will have many more questions.
Thank you for everything. |
|
| Back to top |
|
