Hi All,

I'm trying to set up password protection for a directory on my website. I've found several helpful tutorials on the Web but am still having a problem. The tutorial asks me to, "Type htpasswd -c .htpasswd username to create the file and add "username" as the first user. The program will prompt you for a password, then verify by asking again." This is straight forward enough but my system reports that the program htpasswd cannot be found. I did a system-wide find for the program in case it just wasn't in my search path but had no luck. I'm running a default install of Apache apache_1.3.24. It seems that the program should have come with it. Any ideas?

Much Appreciated,

-D

it is in ur /path/to/apache/bin ---

and in ur httpd.conf, change:

AllowOverride None

to

AllowOverride AuthConfig

for the authentication to work

[ 01 May 2002: Message edited by: Flar ]

Hmm... so it is. :-) I wonder why when I ran: find / -name htpasswd -print, it wasn't found. Thanks for the help!

-D

Hmm... I don't get an authentification prompt.

I have .htaccess in the directory I want protected. It reads:

AuthName "Restricted Area"
AuthType Basic
AuthUserFile /home/userzero/web/captainjones.com/security/.htpasswd
Require valid-user

For testing, the file has permissions set to 777.

I have an .htpasswd file in /home/userzero/web/captainjones.com/security with a username/password combo that I created with the program htpasswd. This file is also wide open for testing with 777. All looks good. I go to my homepage, click on the link that leads to the protected directory and I get through without a challenge. What gives?

Help much appreciated,

-D

this one should work..

## .htaccess file
AuthName "Yourr Auth Name"
AuthType Basic
AuthUserFile /path/to/.htpasswdfile
<Limit GET>
require valid-user
</Limit>

and check my post above..

Flar,

Thanks so much for your help. I've changed my .htaccess to reflect your suggestion but still get no password prompt. It now reads:

AuthName "Restricted Area"
AuthType Basic
AuthUserFile /home/userzero/web/captainjones.com/security/.htpasswd
AllowOverride AuthConfig
<Limit GET>
require valid-user
</Limit>

I've also double checked my AuthUserFile path and it checks out. I'm sure I'm just overlooking something simple here. Any help is sincerely appreciated.

-Delilah

Originally posted by Delilah:
It now reads:

AuthName "Restricted Area"
AuthType Basic
AuthUserFile /home/userzero/web/captainjones.com/security/.htpasswd
AllowOverride AuthConfig
<Limit GET>
require valid-user
</Limit>


AllowOverride AuthConfig should be in ur httpd.conf and not in ur .htaccess file :p

goodluck!

[ 03 May 2002: Message edited by: Flar ]

Hmm... still not working. I'll mess around with it some more.

-D

No luck after adjusting per instructions. Any ideas why this might be happening? Thanks for you rtime and trouble.

-Delilah

all those instructions ive given to u works on mine. cant see any reason why it wouldnt.

a step by step maybe?

[ 06 May 2002: Message edited by: Infested Flar ]

here:

first edit the line in ur httpd.conf that says:

AllowOverride None

to

AllowOverride AuthConfig

then restart Apache..

then put a .htaccess file on the directory u want to be protected. here's what my .htaccess has:

## .htaccess file
AuthName "Restricted Area"
AuthType Basic
AuthUserFile /etc/.htpasswd
<Limit GET>
require valid-user
</Limit>

then create the AuthUserFile using htpasswd.

#/path/to/htpasswd -cmdps /etc/.htpasswd user
Enter Password:
Re-enter Password:
User added with new password
#

thats it! it should work now. then go to http://www.yourdomain.com/restricted_dir. and u should be promted with a user/password

[ 06 May 2002: Message edited by: Infested Flar ]

Well, it works now! I guess restarting Apache so it could re-read its config file was the key (I know this, just forgot to do it). Thanks for hangin' in there with me.

:-) Delilah