View Full Version : Help with .htaccess and htpasswd please

03-06-2003, 05:45 PM
I have ssl on a shared server and it seems to work (padlock) except no header images in admin.

I want to use .htaccesss to protect my Admin dir catalog/admin/

This is my .htaccess file..

# $Id: .htaccess,v 1.1 2002/07/21 23:41:41 hpdl Exp $
# This is used with Apache WebServers
# The following makes adjustments to the SSL protocol for Internet
# Explorer browsers
# For this to work, you must include the parameter 'Limit' to the
# AllowOverride configuration
# Example:
#<Directory "/usr/local/apache/htdocs">
# AllowOverride Limit
# 'All' with also work. (This configuration is in your
# apache/conf/httpd.conf file)

<IfModule mod_setenvif.c>
<IfDefine SSL>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

AuthType Basic
AuthUserFile /home/myID/leagueandlegends-www/catalog/.htpasswd
AuthName "Leagues Shop Security"
require valid-user

DirectoryIndex default.php index.php index.htm index.html


I have it in the catalog/admin/ directory

I also have a .htpasswd text file with just 1 line in it...

ID:encrypted password

as supplied by http://www.kelv.net/programming/htaccess/

I uploaded this also to the /catalog/admin/ dir



The panel keeps asking for the ID/pwd even tho' I have checked it is correct.

Obviously I have done or not done something!


03-06-2003, 08:50 PM
I uploaded this also to the /catalog/admin/ dir

You should never put your .htpasswd file in a web accessable directory. Put it above your www tree. But, if you are not getting in, it is most likely a path problem. It is not finding your .htpasswd file. Also make sure you uploaded it in ASCII, not binary.

03-07-2003, 02:03 AM

This is in my lowest dir..


The .htpasswd file is in this same lowest dir which I uploaded it to in ascii.

The .htaccess file is in /catalog/admin/

It has the following path it.

AuthType Basic
AuthUserFile /league/leagueandlegends-www/catalog/admin/.htpasswd
AuthName "Leagues Shop Security"
require valid-user

I know it is incorrect as the file is not in admin. But how then do I write the path to the dir where it is?

BTW. All my files are duplicated in secure, -www and www dirs

Thanks :cry:

03-07-2003, 09:42 AM
Ok, that is the problem. Your .htaccess file is looking in the wrong place for .htpasswd

You need to find out what your accounts home path is. It is usually something like:


That is where you want to put your .htpasswd dir and file. Then in your .htaccess file, change the AuthUserFile directive to /home/league/.htpasswd

Make sure you have the right path, or it will not work. Check with your host for this info.

03-08-2003, 01:55 PM
Thank you.

Yes I am sure it is /home/league/ however with .htaccess in admin and .htpasswd in the root (in home/league/), I still can't get any glee with this thing. I have contacted my ISP and hope they can enlighten my darkness!

I have in the meantime installed the Admin Authen contrib and it is fine until I get it fixed.

03-12-2003, 12:45 AM
Okay !! Glee at last! I'm still not sure what happened and why but it now works.

I rewrote both files, redid a new encrypt pwd and treid it - still no go.

Then I remembered..

Undo the changes for the Authen Contrib. Did it ad whammo !

AS I said, I'm not sure what it was, miust have been a dot or ' or something I just didn't see. I don't know.

Anyway Michael, I do appreciate all your patience and help.

I'm slowly cruising thru this whole oscom land! :D