|
Home > Archive > Apache Server configuration support > September 2007 > htaccess configuration quickie
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
htaccess configuration quickie
|
|
| Tim Gordon 2007-09-14, 7:34 am |
| Hi,
I've been pulling my hair out with this so any pointers as to where I should
start would be appreciated.
I've a directory, 'admin' in my apache2 server that I want to protect from
access and be prompted for a user name and password- the complete directory
structure is:
/srv/www/ htdocs/admin
htdocs is the document root and I created an 'allowlist' in the www
directory. I've created a .htaccess file within the admin directory
containing:
AuthUserFile /srv/www/allowlist
AuthGroupFile /dev/null
AuthName "TheSecretpage"
AuthType Basic
<Limit GET POST>
require valid-user
</Limit>
The httpd.conf file has:
# forbid access to the entire filesystem by default
<Directory />
Options None
AllowOverride All
Order deny,allow
Deny from all
</Directory>
<Directory ~ "/admin">
Options All
AllowOverride All
Order deny,allow
Deny from all
</Directory>
# use .htaccess files for overriding,
AccessFileName .htaccess
# and never show them
#<Files ~ "^\.ht">
# Order allow,deny
# Deny from all
#</Files>
At present I am not getting prompted for a user/password and am getting
access denied when I try and access the directory.
Any ideas?
Thanks in advance
Tim
--
I never wish I was not what I was not when I didn't wish what I was not was
not what I am not.
| |
| Davide Bianchi 2007-09-14, 7:34 am |
| On 2007-09-14, Tim Gordon <tim@mgom.commercial.uk> wrote:
> # forbid access to the entire filesystem by default
>
><Directory />
> Options None
> AllowOverride All
> Order deny,allow
> Deny from all <---- NOTE
></Directory>
>
><Directory ~ "/admin">
> Options All
> AllowOverride All
> Order deny,allow
> Deny from all <--- NOTE
></Directory>
This way you basically deny any access to such directory.
> At present I am not getting prompted for a user/password and am getting
> access denied when I try and access the directory.
>
> Any ideas?
Yeah, get rid of the 'deny' bit and put an 'allow from all' instead.
Davide
--
I'm not sure that the ability to create routing diagrams similar to
pretzels with mad cow disease is actually a marketable skill.
-- Steve Levin on alt.sysadmin.recovery
| |
| Tim Gordon 2007-09-14, 7:34 am |
| "Davide Bianchi" <davideyeahsure@onlyforfun.net> wrote in message
news:slrnfekh5o.2pn.davideyeahsure@fogg.onlyforfun.net...
> On 2007-09-14, Tim Gordon <tim@mgom.commercial.uk> wrote:
>
> This way you basically deny any access to such directory.
>
>
> Yeah, get rid of the 'deny' bit and put an 'allow from all' instead.
>
> Davide
Thanks, but that cannot be correct. My root directory is working for
annoymous browsing no problem at all. I did the change you suggested
though, to the admin directory, and now I have full access. Still no prompt
for user or password though.
Anyone else any thoughts or ideas?
Tim
--
I never wish I was not what I was not when I didn't wish what I was not was
not what I am not.
| |
| Davide Bianchi 2007-09-14, 7:34 am |
| On 2007-09-14, Tim Gordon <tim@mgom.commercial.uk> wrote:
> Thanks, but that cannot be correct. My root directory is working for
> annoymous browsing no problem at all. I did the change you suggested
> though, to the admin directory, and now I have full access. Still no prompt
> for user or password though.
One step at a time. Now you have access to the directory, it's time
to check if the .htaccess is read and why it doesn't work. Any informations
in the error_log?
How did you created the 'accesslist'?
Davide
--
MCSE == Mentally Challenged Slave of the Empire.
-- Gareth Barnard
| |
| Tim Gordon 2007-09-14, 7:34 am |
| "Davide Bianchi" <davideyeahsure@onlyforfun.net> wrote in message
news:slrnfeki69.2pn.davideyeahsure@fogg.onlyforfun.net...
> On 2007-09-14, Tim Gordon <tim@mgom.commercial.uk> wrote:
>
> One step at a time. Now you have access to the directory, it's time
> to check if the .htaccess is read and why it doesn't work. Any
> informations
> in the error_log?
Nothing in the error log and the access log is normal too. I have a piece
of text at the end of my .htaccess file 'GARBAGE' which, if the file was
being read, I thought I'd get an error somewhere.
> How did you created the 'accesslist'?
Mmm. An online tool.
Tim
--
I never wish I was not what I was not when I didn't wish what I was not was
not what I am not.
| |
| Davide Bianchi 2007-09-14, 7:34 am |
| On 2007-09-14, Tim Gordon <tim@mgom.commercial.uk> wrote:
> Nothing in the error log and the access log is normal too. I have a piece
> of text at the end of my .htaccess file 'GARBAGE' which, if the file was
> being read, I thought I'd get an error somewhere.
Ok, so now the problem is that your .htaccess is not read. I think that
somewhere in your configuration your <Directory> block is overridden,
I'd start by changing the block as follow (if I remember correctly your
original post and you haven't falsified anything) :
<Directory "/srv/www/htdocs/admin">
Options All
AllowOverride All
Order allow,deny
Allow from all
</Directory>
(restart apache of course after doing this)
then post your config file.
> Mmm. An online tool.
Watch out: if the password is encrypted with a different library than
the one installed on the server it won't work. Always and only use
the standard htpasswd program.
Davide
--
Unix: Where /sbin/init is still Job 1.
-- From a Slashdot.org post
| |
| Tim Gordon 2007-09-14, 7:34 am |
| "Davide Bianchi" <davideyeahsure@onlyforfun.net> wrote in message
news:slrnfekjad.2pn.davideyeahsure@fogg.onlyforfun.net...
> On 2007-09-14, Tim Gordon <tim@mgom.commercial.uk> wrote:
>
> Ok, so now the problem is that your .htaccess is not read. I think that
> somewhere in your configuration your <Directory> block is overridden,
> I'd start by changing the block as follow (if I remember correctly your
> original post and you haven't falsified anything) :
>
> <Directory "/srv/www/htdocs/admin">
> Options All
> AllowOverride All
> Order allow,deny
> Allow from all
> </Directory>
>
> (restart apache of course after doing this)
>
> then post your config file.
>
>
> Watch out: if the password is encrypted with a different library than
> the one installed on the server it won't work. Always and only use
> the standard htpasswd program.
That's done it! Thanks very much.
I got a server error 500 to start with. I then remembered to take the
'garbage' text out from the .htaccess and now it works a dream.
Tim
--
I never wish I was not what I was not when I didn't wish what I was not was
not what I am not.
|
|
|
|
|