.htaccess & pass

amy89 · February 6th, 2008, 12:26 AM

This may come off as an idiotic question and I do apologize before hand but I am having so much issues with it and yes I read through numerous tutorials... that light bulb isn't shining yet.

For my htaccess I am trying to get to password protect a particular file. But everytime I try it, it keeps saying my password is incorrect. Is my root wrong? I have a shared package...

My .htaccess

AuthType Basic
AuthName "Username"
AuthUserFile /public_html/materials/.htpasswd
Require valid-user

My .htpasswd
t9n8m5t3s:FQRwGrWMKaL8o

which is based off the username: encr. password style...

Any advice? Thanks!

**Sentinel** · February 6th, 2008, 8:08 AM

Below is my .htaccess. You should not put your password file in the same directory as the directory you want to protect. It should not make it fail but from a security perspective it is not the best idea. You should place it in a file above the publicly viewable files, so therefore your path should look something like this.

AuthUserFile /home/account-name/.htpasswd
AuthGroupFile /dev/null
AuthName "Restricted Area"
AuthType Basic
Require valid-user

Also no need to place the name of the user in the file either. Again for best security the least amount of info you give the better. So that's why I just allow valid user.

Third I am guessing that your username is "t9n8m5t3s" ? Is that correct?

And last make sure that the password file is plain ascii text (and the htaccess file too for that matter) and make sure that you upload them as text and not binary. and make sure it is in the right place as defined by the location of the htaccess file path.

edit added:
Wait now. I see that you say that the user name is encr? Your password file should look like this :
username:encryptedpassword

amy89 · February 6th, 2008, 11:58 AM

It still isn't working. Do I have the file root part right? For AuthUserFile ... since my is a shared hosting, do I still do /home/... ?? Is group necessary? Since I am making it one user access. Besides the root address, I can't think of anything else that is wrong with the coding...

No no, that is just my .htpasswd file, that is username, not encrypted.

**Roxy** · February 6th, 2008, 12:02 PM

In Cpanel, there is a feature for you to password protect directories easily. Have you tried using this instead of your .htaccess?

**Sentinel** · February 6th, 2008, 5:19 PM

Yes, as suggested you can use the cPanel feature to do this. But I will assume that you want to do it manually or want to learn how to do it. I myself like to do things for myself but the choice is up to you.

If you want to do it manually:
1. Try typing it exactly as I have it there. I am also on a shared server so yours "should be" exactly like mine. Make sure the path is exactly like mine in the example above...
AuthUserFile /home/your-account-name/.htpasswd

Make sure that you replace your-account-name with your account name.

2. Then make sure that you create the .htpasswd file in plain ascii text. Use Notepad or equivalent.

3. Then make sure that you place the .htpasswd file in the location that the path above points to. That is in the main directory for your user account on the shared server that you are on. In other words the folder/directory above the public html folder where all your html files are.

4. When you save the file make sure that is ".htpasswd" and not htpasswd.txt or any other suffix at the end. It will not work unless it is exactly .htpasswd

February 6th, 2008, 12:26 AM	#1 (permalink)
amy89 Registered User Fresh Surpasser Joined in Feb 2008 2 posts Gave thanks: 0 Thanked 0 times	.htaccess & pass This may come off as an idiotic question and I do apologize before hand but I am having so much issues with it and yes I read through numerous tutorials... that light bulb isn't shining yet. For my htaccess I am trying to get to password protect a particular file. But everytime I try it, it keeps saying my password is incorrect. Is my root wrong? I have a shared package... My .htaccess AuthType Basic AuthName "Username" AuthUserFile /public_html/materials/.htpasswd Require valid-user My .htpasswd t9n8m5t3s:FQRwGrWMKaL8o which is based off the username: encr. password style... Any advice? Thanks!

February 6th, 2008, 8:08 AM	#2 (permalink)
Sentinel Surpass Fan On a golden path... Joined in Mar 2006 Hosted on SH100 420 posts Gave thanks: 59 Thanked 17 times	Below is my .htaccess. You should not put your password file in the same directory as the directory you want to protect. It should not make it fail but from a security perspective it is not the best idea. You should place it in a file above the publicly viewable files, so therefore your path should look something like this. AuthUserFile /home/account-name/.htpasswd AuthGroupFile /dev/null AuthName "Restricted Area" AuthType Basic Require valid-user Also no need to place the name of the user in the file either. Again for best security the least amount of info you give the better. So that's why I just allow valid user. Third I am guessing that your username is "t9n8m5t3s" ? Is that correct? And last make sure that the password file is plain ascii text (and the htaccess file too for that matter) and make sure that you upload them as text and not binary. and make sure it is in the right place as defined by the location of the htaccess file path. edit added: Wait now. I see that you say that the user name is encr? Your password file should look like this : username:encryptedpassword __________________ SH100 , SH131 & SH124

February 6th, 2008, 12:02 PM	#4 (permalink)
Roxy URB4N 5K1LLZ Super #1 Joined in Sep 2005 Lives in Orlando, FL Hosted on SH63 2,648 posts Gave thanks: 81 Thanked 127 times	In Cpanel, there is a feature for you to password protect directories easily. Have you tried using this instead of your .htaccess? __________________ Roxanne Surpass Staff Urban Roxy -Personal Blog SH63 - the best darn shared server!

February 6th, 2008, 5:19 PM	#5 (permalink)
Sentinel Surpass Fan On a golden path... Joined in Mar 2006 Hosted on SH100 420 posts Gave thanks: 59 Thanked 17 times	Yes, as suggested you can use the cPanel feature to do this. But I will assume that you want to do it manually or want to learn how to do it. I myself like to do things for myself but the choice is up to you. If you want to do it manually: 1. Try typing it exactly as I have it there. I am also on a shared server so yours "should be" exactly like mine. Make sure the path is exactly like mine in the example above... AuthUserFile /home/your-account-name/.htpasswd Make sure that you replace your-account-name with your account name. 2. Then make sure that you create the .htpasswd file in plain ascii text. Use Notepad or equivalent. 3. Then make sure that you place the .htpasswd file in the location that the path above points to. That is in the main directory for your user account on the shared server that you are on. In other words the folder/directory above the public html folder where all your html files are. 4. When you save the file make sure that is ".htpasswd" and not htpasswd.txt or any other suffix at the end. It will not work unless it is exactly .htpasswd __________________ SH100 , SH131 & SH124

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Rate This Thread
Rate This Thread:

February 6th, 2008, 11:58 AM	#3 (permalink)
amy89 Registered User Fresh Surpasser Joined in Feb 2008 2 posts Gave thanks: 0 Thanked 0 times	It still isn't working. Do I have the file root part right? For AuthUserFile ... since my is a shared hosting, do I still do /home/... ?? Is group necessary? Since I am making it one user access. Besides the root address, I can't think of anything else that is wrong with the coding... No no, that is just my .htpasswd file, that is username, not encrypted.

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)