FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 04-18-2008, 08:35 PM
Paul Heinlein
 
Default Can't get .htaccess to work

On Fri, 18 Apr 2008, Pam Astor wrote:



Hi,

I'm trying to password protect one of my web accessable
directories and I can't get .htaccess to work in a Centos 5.1 box
Here's what I did

I created an .htaccess file with the contents:

AuthName "Restricted Area"
AuthType Basic
AuthUserFile /home/mysite/.htpasswd
AuthGroupFile /dev/null
require valid-user

and I uploaded it to the dir I want to protect. Then I created my password
outside of my web dir with the command: htpasswd -c .htpasswd pam
then followed password prompts, created my password.

So then I go to the site, and am not seeing any password required box,
I can see site without a login.

So then I figured it's not turned on in apache, and went to httpd.conf and changed
AllowOverride None to AllowOverride AuthConfig

When I reload, apache will not reload.

What am I doing wrong?


The syntax for auth stuff changed between Apache 2.0 and 2.2 (which is
used in CentOS 5). In particular, you'll need a AuthBasicProvider
declaration:


http://httpd.apache.org/docs/2.2/mod/mod_auth_basic.html#authbasicprovider

--
Paul Heinlein <> heinlein@madboa.com <> http://www.madboa.com/
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-18-2008, 08:46 PM
Pam Astor
 
Default Can't get .htaccess to work

> The syntax for auth stuff changed between Apache 2.0 and 2.2 (which is
> used in CentOS 5). In particular, you'll need a AuthBasicProvider
> declaration:
>
> http://httpd.apache.org/docs/2.2/mod/mod_auth_basic.html#authbasicprovider

Hi,

Thanks much,
I read the URL, it is a bit too cryptic for me, can you or someone point me to a bit clearer step by step for setting this up correctly?
__________________________________________________ _______________
Get in touch in an instant. Get Windows Live Messenger now.
http://www.windowslive.com/messenger/overview.html?ocid=TXT_TAGLM_WL_Refresh_getintouch _042008___________________________________________ ____
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-19-2008, 12:58 AM
Fajar Priyanto
 
Default Can't get .htaccess to work

On Saturday 19 April 2008 03:35:52 Paul Heinlein wrote:
> The syntax for auth stuff changed between Apache 2.0 and 2.2 (which is
> used in CentOS 5). In particular, you'll need a AuthBasicProvider
> declaration:
>
> http://httpd.apache.org/docs/2.2/mod/mod_auth_basic.html#authbasicprovider

Thans Paul,
That's new news to me

For the OP, I believe it would be:
<Location /secure>
AuthType basic
AuthName "private area"
AuthBasicProvider file
AuthDBMType file
AuthDBMUserFile /home/mysite/.htpasswd
Require valid-user
</Location>

CMIIW,
--
Fajar Priyanto | Reg'd Linux User #327841 | Linux tutorial
http://linux2.arinet.org
07:58:09 up 48 min, 2.6.22-14-generic GNU/Linux
Let's use OpenOffice. http://www.openoffice.org
The real challenge of teaching is getting your students motivated to learn.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-19-2008, 10:37 AM
Pam Astor
 
Default Can't get .htaccess to work

> > The syntax for auth stuff changed between Apache 2.0 and 2.2 (which is
> > used in CentOS 5). In particular, you'll need a AuthBasicProvider
> > declaration:
> >
> > http://httpd.apache.org/docs/2.2/mod/mod_auth_basic.html#authbasicprovider
>
> Thans Paul,
> That's new news to me
>
> For the OP, I believe it would be:
> <Location /secure>
> AuthType basic
> AuthName "private area"
> AuthBasicProvider file
> AuthDBMType file
> AuthDBMUserFile /home/mysite/.htpasswd
> Require valid-user
> </Location>

Thanks,

OK I tried that and it still would not work, I am not prompted for
a username or password on the site I want to protect.

Do I also need to add a new entry in httpd.conf or load a new apache
module?

Use video conversation to talk face-to-face with Windows Live Messenger. Get started!
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-19-2008, 12:03 PM
"Jim Perrin"
 
Default Can't get .htaccess to work

On Sat, Apr 19, 2008 at 6:37 AM, Pam Astor <pamastor@hotmail.com> wrote:

> OK I tried that and it still would not work, I am not prompted for
> a username or password on the site I want to protect.
>
> Do I also need to add a new entry in httpd.conf or load a new apache
> module?

Not by default, no.

There are several AllowOverrides statements in the default httpd.conf.
Which did you modify?

The one you wanted should be around line 327, looking like this:

Options Indexes FollowSymLinks

#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None

#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all

</Directory>

Change the AllowOverride to AuthConfig, and that should be just about it.

You don't want to use the AuthDBMType unless you're using htdbm
instead of htpasswd to generate your password file lists.

You also need to make sure that apache has access to the area where
you're putting your .htaccess.

If you're stuffing this in your home directory like it looks above,
apache doesn't have permissions in here unless you've modified your
homedir to 711 from 700. Selinux can also cause some issues in here as
well if you have it enabled and haven't changed contexts.

Without fully seeing the config that you're using and some info about
the dir you're trying to restrict, it'll be a little harder to offer
more help.
--
During times of universal deceit, telling the truth becomes a revolutionary act.
George Orwell
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-19-2008, 12:39 PM
Pam Astor
 
Default Can't get .htaccess to work

> > Do I also need to add a new entry in httpd.conf or load a new apache
> > module?
>
> Not by default, no.
>
> There are several AllowOverrides statements in the default httpd.conf.
> Which did you modify?
>
> The one you wanted should be around line 327, looking like this:
>
> Options Indexes FollowSymLinks
>
> #
> # AllowOverride controls what directives may be placed in .htaccess files.
> # It can be "All", "None", or any combination of the keywords:
> # Options FileInfo AuthConfig Limit
> #
> AllowOverride None
>
> #
> # Controls who can get stuff from this server.
> #
> Order allow,deny
> Allow from all
>
> </Directory>
>
> Change the AllowOverride to AuthConfig, and that should be just about it.
>
> You don't want to use the AuthDBMType unless you're using htdbm
> instead of htpasswd to generate your password file lists.
>
> You also need to make sure that apache has access to the area where
> you're putting your .htaccess.
>
> If you're stuffing this in your home directory like it looks above,
> apache doesn't have permissions in here unless you've modified your
> homedir to 711 from 700. Selinux can also cause some issues in here as
> well if you have it enabled and haven't changed contexts.
>
> Without fully seeing the config that you're using and some info about
> the dir you're trying to restrict, it'll be a little harder to offer
> more help.

I reset AllowOverride* to AuthConfig and it's still not working.

OK the dir I am trying to password protect (named www) is the home or main or root directory of
www.mydomain.com - it is owned by apache* The permissions on www were set to 755.* .htaccess is located
inside www and is also owned by apache.* .htpasswd is just below, or outside of www* and outside of web access
and is also owned by apache.

I do have selinux enabled I believe.

For my httpd.conf, I have one main configuration file in /etc/httpd/conf and for each virtual domain, I have individual
www.mydomain.com.conf files with associated virtual host tags inside, and located in /etc/httpd/conf.d directory.

I also tried placing the AllowOverride AuthConfig directive inside the individual conf.d virtual domain

files but then apache would not reload, so I took them out and reloaded again.

Are the individual conf.d files causing the problem?





Going green? See the top 12 foods to eat organic.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-19-2008, 12:56 PM
Pam Astor
 
Default Can't get .htaccess to work

>


> > Do I also need to add a new entry in httpd.conf or load a new apache
>> > module?
> >
> >Not by default, no.
>>
> >There are several AllowOverrides statements in the default httpd.conf.
> >Which did you modify?
> >
> >The one you wanted should be around line 327, looking like this:
>>
> > Options Indexes FollowSymLinks
>>
>> #
>> # AllowOverride controls what directives may be placed in .htaccess files.
>> # It can be "All", "None", or any combination of the keywords:
>> # Options FileInfo AuthConfig Limit
>> #
> > AllowOverride None
>>
>> #
>> # Controls who can get stuff from this server.
>> #
> > Order allow,deny
> > Allow from all
>>
>> </Directory>
>>
>> Change the AllowOverride to AuthConfig, and that should be just about it.
>>
>> You don't want to use the AuthDBMType unless you're using htdbm
>> instead of htpasswd to generate your password file lists.
>>
>> You also need to make sure that apache has access to the area where
>> you're putting your .htaccess.
>>
>> If you're stuffing this in your home directory like it looks above,
>> apache doesn't have permissions in here unless you've modified your
>> homedir to 711 from 700. Selinux can also cause some issues in here as
>> well if you have it enabled and haven't changed contexts.
>>
>> Without fully seeing the config that you're using and some info about
>> the dir you're trying to restrict, it'll be a little harder to offer
>> more help.
>
>I reset AllowOverride* to AuthConfig and it's still not working.
>
>OK the dir I am trying to password protect (named www) is the home or main or root directory of
>www.mydomain.com - it is owned by apache* The permissions on www were set to 755.* .htaccess is located
>inside www and is also owned by apache.* .htpasswd is just below, or outside of www* and outside of web access
>and is also owned by apache.
>
>I do have selinux enabled I believe.
>
>For my httpd.conf, I have one main configuration file in /etc/httpd/conf and for each virtual domain, I have individual
>www.mydomain.com.conf files with associated virtual host tags inside, and located in /etc/httpd/conf.d directory.
>
>I also tried placing the AllowOverride AuthConfig directive inside the individual conf.d virtual domain

>files but then apache would not reload, so I took them out and reloaded again.
>
>Are the individual conf.d files causing the problem?
>
In addition to the above, I have tried all three of the two below contents inside of my
.htaccess file as suggested:

<Location /secure>
AuthType basic
AuthName "private area"
AuthBasicProvider file
AuthDBMUserFile /home/maindir/.htpasswd
Require valid-user
</Location>

<Location /secure>

AuthType basic

AuthName "private area"

AuthBasicProvider file
Require valid-user

</Location>

AuthUserFile /home/maindir/.htpasswd
AuthType Basic
AuthName "My Secret Folder"
Require valid-user





Going green? See the top 12 foods to eat organic.

Use video conversation to talk face-to-face with Windows Live Messenger. Get started!
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-19-2008, 02:16 PM
"Jim Perrin"
 
Default Can't get .htaccess to work

On Sat, Apr 19, 2008 at 8:56 AM, Pam Astor <pamastor@hotmail.com> wrote:

> >For my httpd.conf, I have one main configuration file in /etc/httpd/conf
> and for each virtual domain, I have individual
> >www.mydomain.com.conf files with associated virtual host tags inside, and
> located in /etc/httpd/conf.d directory.

Okay. These are vhost configs only. You *can* set them globally in
httpd.conf, but they can be overwritten later, so it's best to do it
vhost by vhost.

> >
> >I also tried placing the AllowOverride AuthConfig directive inside the
> individual conf.d virtual domain
> >files but then apache would not reload, so I took them out and reloaded
> again.

This depends on where within the vhost config you put them. Apache
should tell you exactly what line of the config the error is on, and
what exactly is wrong with it.


> >Are the individual conf.d files causing the problem?

Only because they aren't formatted properly.


> <Location /secure>
> AuthType basic
> AuthName "private area"
> AuthBasicProvider file
> AuthDBMUserFile /home/maindir/.htpasswd
> Require valid-user
> </Location>

This one is wrong because you're pointing a DBM statement to a flat
user file which isn't in dbm format.

> <Location /secure>
> AuthType basic
> AuthName "private area"
> AuthBasicProvider file
> Require valid-user
> </Location>

This one sets the auth type outside everything else, and provides
multiple names.

> AuthUserFile /home/maindir/.htpasswd
> AuthType Basic
> AuthName "My Secret Folder"
> Require valid-user



Here's a statement that I know works, from my nagios setup at home,
altered for what you're looking to do.


<Directory "/change/this">
Options None
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /etc/httpd/htpasswd.users
Require valid-user
</Directory>


--
During times of universal deceit, telling the truth becomes a revolutionary act.
George Orwell
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-19-2008, 02:51 PM
Pam Astor
 
Default Can't get .htaccess to work

> > >For my httpd.conf, I have one main configuration file in /etc/httpd/conf
> > and for each virtual domain, I have individual
> > >www.mydomain.com.conf files with associated virtual host tags inside, and
> > located in /etc/httpd/conf.d directory.
>
> Okay. These are vhost configs only. You *can* set them globally in
> httpd.conf, but they can be overwritten later, so it's best to do it
> vhost by vhost.

OK so do/set what vhost by vhost?* Place the* AllowOverride AuthConfig
directive vhost by vhost?* If that's what yo u meant, I tried again inserting the

<Directory />
*** Options FollowSymLinks
*** AllowOverride AuthConfig
</Directory>

and the

<Directory />
*** AllowOverride AuthConfig
</Directory>

directives inside the individual vhost file and am still not getting a login prompt on the site.
However this time, apache did reload for both directives.
The reason why It did not reload last time, was because all I did earlier was
insert the AllowOverride AuthConfig statement inside the vhost file, without the directory tags,
so at least there is some progress there

> > >I also tried placing the AllowOverride AuthConfig directive inside the
> > individual conf.d virtual domain
> > >files but then apache would not reload, so I took them out and reloaded
> > again.
>
> This depends on where within the vhost config you put them. Apache
> should tell you exactly what line of the config the error is on, and
> what exactly is wrong with it.

I did not get indication from apache what line the syntax error
was or what file either, all I got was:

Reloading httpd: not reloading due to configuration syntax error
************************************************** ******** [FAILED]
But I guess that point is moot now since at least httpd is reloading.
I have however got line-syntax indications for other apache errors,
just don't know why I was not getting them for this error.

*
> > >Are the individual conf.d files causing the problem?
>
> Only because they aren't formatted properly.
>
>
> > <Location /secure>
> > AuthType basic
> > AuthName "private area"
> > AuthBasicProvider file
> > AuthDBMUserFile /home/maindir/.htpasswd
> > Require valid-user
> > </Location>
>
> This one is wrong because you're pointing a DBM statement to a flat
> user file which isn't in dbm format.
>
> > <Location /secure>
> > AuthType basic
> > AuthName "private area"
> > AuthBasicProvider file
> > Require valid-user
> > </Location>
>
> This one sets the auth type outside everything else, and provides
> multiple names.
>
> > AuthUserFile /home/maindir/.htpasswd
> > AuthType Basic
> > AuthName "My Secret Folder"
> > Require valid-user
>
>
>
> Here's a statement that I know works, from my nagios setup at home,
> altered for what you're looking to do.
>
>
> <Directory "/change/this">
> Options None
> AuthName "Nagios Access"
> AuthType Basic
> AuthUserFile /etc/httpd/htpasswd.users
> Require valid-user
> </Directory>

OK, just to make sure I am doing this exactly correct,
do I substitute "Nagios Access" to whatever login name I used when I
created my .htpasswd file?

Also, for Directory "/change/this", do I set this to the directory
where my .htpasswd file is located? Or is this the path to the dir I am trying to
protect?

Or, for AuthUserFile /etc/httpd/htpasswd.users, is this the path and filename
of the .htpasswd file?








Get in touch in an instant. Get Windows Live Messenger now.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-19-2008, 04:31 PM
Kai Schaetzl
 
Default Can't get .htaccess to work

Jim Perrin wrote on Sat, 19 Apr 2008 10:16:54 -0400:

> <Directory "/change/this">

Jim, you forget that he's using .htaccess, the above cannot work there. He
has to leave that out.

Pam: if you can access the directory just fine this does *not* mean that
you misconfigured your .htaccess file (although it looked like that as
well), it means it is not getting used at all. An .htaccess file that is
not allowed by server config or that contains wrong configuration throws a
500 Internal Server Error. You have also been told a while back I think
that you should look in the logs. Did you do that? I don't remember having
seen any response from you about that.
Do the following: place a single fake command like "this is a fake
command" in your .htaccess file and then access the directory. If you
don't get a 500 error, the file is not getting used. Which means next step
is to check your logs and your configuration why it's not getting used and
also double-check that it's in the correct directory and you access the
correct directory (as I don't know what content you have there this
content may either be identifying it uniquely or not).

You should also read the Apache documentation at httpd.apache.org, it may
help you find that probably tiny mistake that you make, but we can't tell
you as we don't see all of the picture. You should also read up on how you
can achieve the password protection without an .htaccess file. This file
is completely unnecessary if you have access to the apache conf, anyway.


Kai

--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 05:37 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org