Okay this might be a very obvious one however...
I have the following in my .htaccess file
AuthType Basic
AuthName "Message"
AuthUserFile /www/sites/5ce/448/domainname/folder.htpasswd
require valid-user
Which works fine for password protecting the folder it's placed in.
I also have in another .htaccess file (when I remove the first one)
Options +indexes
Which works fine for showing the directory folder and included files on browser.
When I put these together i get Error 500. How do you essentially enable directory view but password protected?
There shouldn't be a space between the + and the indexes.
Try this:
AuthType Basic
AuthName "Message"
AuthUserFile /www/sites/5ce/448/domainname/folder.htpasswd
require valid-user
Options +Indexes
Related
I would like to protect the protect-me-dir directory with http password. I tried this code:
AuthType Basic
AuthName "restricted area"
AuthUserFile /home/iterator/public_html/protect-me-dir/.htpasswd
require valid-user
It works, but unfortunately it asks for the password everywhere, not just in protect-me-dir. How is it possible to protect only that directory?
If I put this code inside <Directory "/home/iterator/public_html/protect-me-dir">...</Directory>, I get Internal Server Error
Just put the .htaccess file in the directory you want to password-protect. It is a per-directory config file.
I'm trying to protect a directory adding a .htaccess and a .htpasswd but instead asking me for password, it goes to the home page of my site directly.
My .htaccess is being read (put some garbage in it and I got 500 error).
Here's my .htaccess :
AuthName "Page d'administration protégée"
AuthType Basic
AuthUserFile "/Applications/MAMP/htdocs/backoffice_mollanger/app/.htpasswd"
Require valid-user
And my .htpasswd
Admin:gl0IiOirI2n6M
First of all, remove the speech marks you have around the .htpasswd location, they should not be there. If that does not help then try using this, you can specify the directory you want to protect by stating the file name in replace of example:
<Files /example>
AuthName "Page d'administration protégée"
AuthType Basic
AuthUserFile /Applications/MAMP/htdocs/backoffice_mollanger/app/.htpasswd
Require valid-user
</Files>
I have a folder on my apache virtualhost called 'ProtectedFiles'
I want indexing available for this section, so all the files in this folder can be shown, but I want one of the files themselves to be password protected.
Folder structure:
site
site/ProtectedFiles
site/ProtectedFiles/Dummy1, Dummy2, Dummy3, .htaccess
In my .htaccess I have the following.
AuthUserFile /etc/httpd/conf/.htpasswd
AuthName "Protected files"
AuthType Basic
<Files "Dummy1">
require valid-user
</Files>
So I am password protecting the file 'Dummy1' and it works, when I go to site/ProtectedFiles/Dummy1 it asks for a password, but the file doesn't show in the directory / index.
Basically, asking how do you password protect AND show the file in the directory.
You can use IndexOptions +ShowForbidden directive to display files that require a password, and the FilesMatch directive to indicate which files you want to protect.
IndexOptions +ShowForbidden
<FilesMatch "Dummy[0-9]+">
AuthName "Username and password required"
AuthUserFile .htpasswd
Require valid-user
AuthType Basic
</FilesMatch>
Don't leave the .htpasswd file in the same directory - this is just an example.
I am trying to protect my directory with apache password protection, basically their is a subdirectory named reg in my /var/www folder. now, I have .htaccess in the /var/www/reg folder and the content is
AuthUserFile /var/www/.htpasswd
AuthName "Please Log In"
AuthType Basic
require valid-user
and a .htpasswd file in /var/www folder and the content is
xyz:AFm9t1CfobrkA
but when I try to access the folder typing localhost/reg no pop up box appear asking for username and password. Where am I wrong?
I have .htaccess file like this:
AuthUserFile /data/www/.../http-users
AuthType Basic
AuthName "private"
require user cf
And it works. What you could do:
Detect the possible cause by looking into the error log. In many cases you have access to it even on hosting environments
Make sure AllowOverride AuthConfig is set. You cannot set it in .htaccess, you must do it in the server configuration file. In a hosting environment, you have to ask your hosting provider.
Not very likely, but it could be the dot - try to rename the .htpasswd file to htpasswd
Its definitelly not caused by missing the <directory> container as noted in the discussion
Currently on my server I have a .htaccess file in the root of my web directory -
AuthUserFile /path/to/root/www/.htpasswd
AuthType Basic
AuthName "Economic Complexity Observatory"
Require valid-user`
And this works great properly password protecting my whole site. The only problem is that I have this one sub directory that I DON'T WANT to to be password protected. Is there a way to specify that one specific directory will be free of password protection?
There is a way just using .htaccess. I saw this answer elsewhere
Just create an .htaccess file in the non-password protected subdirectory with the content:
Satisfy any
and that's it.
It worked for me.
If you have access to httpd.conf you can use the following (the "directory" directive cannot be used in .htaccess):
<Directory />
AuthUserFile /path/to/root/www/.htpasswd
AuthType Basic
AuthName "Economic Complexity Observatory"
Require valid-user
</Directory>
<Directory /path/to/unprotected/dir>
Satisfy All
</Directory>
I am not aware of a way to do it with htaccess without putting a separate .htaccess in each directory excluding the directory that should not be protected.