can someone pleaseee help? .htaccess trouble

[cloudie]

hi,

i'm currently installing OSC offline on my local computer and have come to the last few steps.

i am meant to:

-Password protect your /catalog/admin dir using .htaccess and the oscdox tells me to:

add this code to my .htaccess file
AuthType Basic
AuthName "Locked Area"
AuthUserFile /home/youraccount/.htpasswds/admin/passwd
require valid-user

the thing is, there is a .htacess file in
www/catalog
www/catalog/admin
www/catalog/includes
www/catalog/pub

which of the .htaccess files should I add the code to? or am i meant to write a new .htaccess file?

also, i am meant to creat a .htpasswd file. after i create this file, which folder do I put the .htpasswd file in??

pleaseeee help!

[jonthewebb]

The htaccess password protects all directories underneath, as well as the one it is in, it by default. So put it in /admin.

There are many functions the htaccess carries out besides password-protecting, the one in includes prevents direct http acces for example, to stop people requesting sensitive files. So leave them as they are.

You will need to generate an htaccess password, the easiest way is through a web facility eg here:

http://www.kxs.net/support/htaccess_pw.html

(there are many others like that).

then store the file containing the userassword BENEATH your web root, obviously you don't want anyone to access the file. You pass the path to the file in the htaccess as above, the example they used was /home/youraccount/.htpasswds/admin/passwd

it will vary for your server.


hope this helps


jon

[cloudie]

thanks heaps jon!