password protect website with .htaccess and .htpasswd - error - "Could not open password file:" - apache

We have Plesk site builder through our webhosting with Charter. Using it to create a simple development website.
I am trying to password protect the site using .htaccess / .htpasswd.
I keep getting this error no matter what I do:
[Wed Apr 06 09:02:57 2016] [error] [client 66.169.84.65] (2)No such file or directory: Could not open password file: /.htpasswd
[Wed Apr 06 09:02:57 2016] [error] [client 66.169.84.65] access to / failed, reason: verification of user id 'heather' not configured
[Wed Apr 06 09:03:52 2016] [error] [client 66.169.84.65] (2)No such file or directory: Could not open password file: /etc/httpd/.htpasswd
[Wed Apr 06 09:03:52 2016] [error] [client 66.169.84.65] access to / failed, reason: verification of user id 'admin' not configured
[Wed Apr 06 09:03:56 2016] [error] [client 66.169.84.65] (2)No such file or directory: Could not open password file: /etc/httpd/.htpasswd
[Wed Apr 06 09:03:56 2016] [error] [client 66.169.84.65] access to / failed, reason: verification of user id 'heather' not configured
[Wed Apr 06 09:05:11 2016] [error] [client 66.169.84.65] (2)No such file or directory: Could not open password file: /etc/httpd/HTTP/.htpasswd
[Wed Apr 06 09:05:11 2016] [error] [client 66.169.84.65] access to / failed, reason: verification of user id 'admin' not configured
[Wed Apr 06 09:05:15 2016] [error] [client 66.169.84.65] (2)No such file or directory: Could not open password file: /etc/httpd/HTTP/.htpasswd
[Wed Apr 06 09:05:15 2016] [error] [client 66.169.84.65] access to / failed, reason: verification of user id 'heather' not configured
I'm not very familiar with Parallels Plesk - and getting a hold of their support is like pulling teeth.
I've checked and double checked the path to the .htpasswd file; seems right.
I've moved it and the .htaccess file to see if I just
don't have it in the right place
I'm not sure what the problem is. I get the authentication box (I notice it doesn't have my "Please Login" message though...
here is the code for the .htaccess file:
#
# AUTHENTICATION
#
### BASIC PASSWORD PROTECTION
AuthUserFile /etc/httpd/HTTP/.htpasswd
AuthName "Please Login"
AuthType basic
<Limit GET POST>
Require valid-user
</Limit>
ANY Help is greatly appreciated or leads in the right direction. THANKS IN ADVANCE!!

Just generate /etc/httpd/HTTP/.htpasswd file by command:
# htpasswd /etc/httpd/HTTP/.htpasswd UserNameYouWant
it asks you for password and generate password file with user UserNameYouWant

Are you sure the file .htpasswd is there in /etc/httpd/HTTP/ directory. otherwise create 1 with the below command
sudo htpasswd -c /etc/apache2/.htpasswd heather
Here you go for step by step configuration:

If you're using CentOS, then probably SELinux is blocking access to that file if the file is outside the webserver root directory. (that's what happened to me).
Solution
Move the file to your web server root directory then restore the file SELinux context using these commands :
mv /path/to/.httpasswd /var/www/html/
restorecon -v /var/www/html/.htpasswd

It's probably a permissions issue if you think the file is in the right place.
Check the file ownership and permissions with:
ls -la /path/to/file
Make sure the file/group that your apache process runs as is able to read the file.
You can check the owner of the process by running:
ps -ef | grep apache
You should see the owner of the process in the leftmost column.
If file ownership is the issue, then use chown to change ownership:
sudo chown username: /path/to/file
You need to do this as root/sudo as non-root users don't have the right to change the ownership normally.
The : after the username changes the group over to the same as the username

I ran into the same problem. For me, .htpasswd was stored under the /home/username/.htpasswds directory. I solved the error by recursively making sure the directory is executable:
chmod +x -R /home/username/.htpasswds

I had the same problem on a Rackspeed server. It was because the file passwd was missing in /home/company/.htpasswds/project/

Related

Apache2: No Effect Of ErrorLogFormat

i changed ErrorLogFormat at /etc/apache2/apache2.conf, but the this doesn't effect the log. I also added my ErrorLogFormat to the config files in the sites-enabled directory, but no effect.
ErrorLogFormat "[%{%Y-%m-%d %H:%M:%S}t] [%l] [client %a] %M"
This is the log:
[Sat Oct 13 13:01:56 2018] [error] [client 123.123.123.123:41204] AH01790: user `asd' in realm `some realm' not found: /
EDIT: It's running on a rasperry pi updated. I tested: stop and start, restart on the apache service and system reboot.
grep -r "ErrorLogFormat" /etc/apache2
revealed only the desired format, that i added at apache.conf and the conf files at sites-enabled.
In Apache 2.4 (https://httpd.apache.org/docs/2.4/mod/core.html#errorlogformat), you can use:
ErrorLogFormat "[%{cu}t] [%l] [client %a] %M"
%{cu}t: The current time in compact ISO 8601 format, including micro-seconds
In the log file it will show:
[2018-10-14 10:31:05.273482] [debug] [client AH00931: initialized single connection worker in child 4296 for (localhost)
The date format is the same as what you want, without having to specify all the rules you have.
If you use %{u}t, the log format becomes:
[Sun Oct 14 10:30:31.944078 2018] [info] [client ::1:47376] AH00128: File does not exist: /home/mbert/tools/apache/htdocs/so/oij
which is what you had previously.

"No such file or directory" when using mod_cache

I am trying to configure mod_cache to cache all web pages. I get this header every time I hit refresh
X-Cache-Detail:""cache miss: attempting entity save" from 1webwb1"
I turn on debug logging and I get this for every resource that I am trying to cache:
[Tue Jun 23 11:16:49.223441 2015] [cache:debug] [pid 31903] mod_cache.c(1326): [client 172.31.217.72:65082] AH00769: cache: Caching url: /resource?param=x, referer: http://mywebsite/
[Tue Jun 23 11:16:49.223453 2015] [cache:debug] [pid 31903] mod_cache.c(1332): [client 172.31.217.72:65082] AH00770: cache: Removing CACHE_REMOVE_URL filter., referer: http://mywebsite/
[Tue Jun 23 11:16:49.223497 2015] [cache:debug] [pid 31903] mod_cache.c(700): (2)No such file or directory: [client 172.31.217.72:65082] AH00765: cache: Cache provider's store_body failed!, referer: http://mywebsite/
I could post my httpd.conf, but honestly I used (almost) the exact same configuration on a different box and it worked.
Is there something on the box or httpd installation that could be causing this error? I am using httpd-2.4.6-18.0.1.el7_0.x86_64 on both boxes.
We've encountered the same issue. We have fixed it by changing the cache directory from /var/tmp/apache to /var/cache/apache and properly setting the permissions:
our_apache.conf:
CacheRoot /var/cache/apache
As root user:
# mkdir /var/cache/apache
# chown apache:apache /var/cache/apache
# chmod 0700 /var/cache/apache
For some reason, the permissions on /var/tmp seem to be a problem:
# ls -ld /var/tmp
drwxrwxrwt. 8 root root 4096 Mar 14 10:30 /var/tmp

mod_authz_ldap subtree query configuration failing, searching root of LDAP tree instead

I am trying to query a strange LDAP structure, which I need to authenticate against. Our app uses the REMOTE_USER variable to determine the user. I do not have access to the LDAP directory hence can't see it's logs.
The structure needs me query a sub part of the tree, demonstrated by this Perl script written to test the LDAP query (which works and returns a list of Users as expected)
use Net::LDAP;
use Net::LDAP::Entry;
$ldap = Net::LDAP->new( 'ldapdevel.my.edu.au' ) or die "$#";
$mesg = $ldap->bind( 'uid=binduser,o=my.edu.au', password => 'bindpass' );
if( $mesg->code ) {
die $mesg->error;
}
$mesg = $ldap->search( # perform a search
base => "o=my.edu.au",
filter => "cn=devraj"
);
$mesg->code && die $mesg->error;
foreach $entry ($mesg->entries) {
$entry->dump;
}
My Apache configuration has the following in the VirtualHost entry, which aims to mimic the same query as described in the Perl script.
<Location />
AuthType Basic
AuthName "My Application"
AuthBasicProvider ldap
AuthzLDAPAuthoritative off
AuthLDAPBindPassword bindpass
AuthLDAPBindDN "uid=binduser,o=my.edu.au"
AuthLDAPUrl "ldap://ldapdevel.my.edu.au/o=my.edu.au?cn?one"
Require valid-user
</Location>
I can also confirm that Apache does successfully bind to the LDAP directory.
Apache error log, messages for LDAP authentication, which indicates that the URI is / hence Apache is searching the top of the directory and not the subtree of o=my.edu.au
[Tue Sep 04 16:22:01 2012] [notice] Apache/2.2.15 (Unix) DAV/2 mod_wsgi/3.2 Python/2.6.6 configured -- resuming normal operations
[Tue Sep 04 16:22:20 2012] [info] [client xxx.xxx.xxx.xxx] [26064] auth_ldap authenticate: user devraj authentication failed; URI / [User not found][No such object]
[Tue Sep 04 16:22:20 2012] [error] [client xxx.xxx.xxx.xxx] user devraj not found:
I realise that the issue is the AuthLDAPUrl, my question is what am I doing wrong in my AuthLDAPUrl , or should I be using another directive?
I've also tried to configure each parameter to mod_authz_ldap individually as follows:
<Location />
AuthType Basic
AuthName "My LDAP authenticated app"
AuthzLDAPLogLevel debug
AuthBasicProvider ldap
AuthBasicAuthoritative off
AuthzLDAPAuthoritative off
AuthzLDAPBindPassword bindpass
AuthzLDAPBindDN "uid=binduser,o=my.edu.au"
AuthzLDAPMethod ldap
AuthzLDAPServer ldapdevel.my.edu.au
AuthzLDAPUserBase o=my.edu.au
AuthzLDAPUserKey cn
AuthzLDAPUserScope base
AuthLDAPRemoteUserAttribute cn
Require valid-user
</Location>
this actually works! BUT... Apache tried to bind as the user that's trying to log in, which obviously fails. If I login with the bind user credentials it passes the auth, Error log extract:
[Fri Sep 07 14:14:27 2012] [error] [client xxx.xxx.xxx.xxx] [15628] bind as cn=devraj,l=X,ou=Students,o=my.edu.au failed: 49
[Fri Sep 07 14:14:27 2012] [error] [client xxx.xxx.xxx.xxx] [15628] basic LDAP authentication of user 'devraj' failed
[Fri Sep 07 14:14:27 2012] [error] [client xxx.xxx.xxx.xxx] access to / failed, reason: verification of user id 'devraj' not configured
Thanks for your time.

Mercurial does not startup upon system launch [FreeBSD 9.0 Apache22]

Struggling to find a root of issue with Apache22 and mercurial. Everything seems to work right — made repository, folder with properly configured hgweb.cgi, set permissions etc.
Here comes the main problem. Everything works only if I (re)start Apache manually, using /usr/local/etc/rc.d/apache22 restart otherwise, using service apache22 restart or while whole system is booting, I'm getting up and running Apache with website accessible. But once trying to access web interface it gives me "Internal Server Error" in browser and next messages in http-error.log
[Fri Apr 20 17:49:40 2012] [error] [client 10.20.30.34] env:
[Fri Apr 20 17:49:40 2012] [error] [client 10.20.30.34] python
[Fri Apr 20 17:49:40 2012] [error] [client 10.20.30.34] :
[Fri Apr 20 17:49:40 2012] [error] [client 10.20.30.34] No such file or directory
[Fri Apr 20 17:49:40 2012] [error] [client 10.20.30.34] Premature end of script headers: hgweb.cgi
My guess is that it could be an issue with environment variables but what a heck is a difference between service run and direct call of script from /usr/local/rc.d/ ? Am I missing something?
Check PATH, it look likes python is not in your path. Maybe add /usr/local/bin to the path of the www user
Solution is really about making user running httpd (www in my case) to have $PATH adjusted. But it might not be obvious for everyone so here is what I did:
created /usr/local/etc/apache22/envvars.d/path.env with content
#!/bin/bash
export PATH=$PATH:/usr/local/bin:/usr/local/sbin
This require Apache to have env_module loaded but this looks like a standard module to be loaded in default configuration.

My repository access died when I used CVS2SVN?

I had a problem running CVS2SVN on my server. I have run it successfully before but I got a sort error in pass 5 so this time I added a sort option that pointed to a sort program on my system. (sort="C:/cygwin/bin/sort.exe"). It worked great and CVS2SVN appeared to complete successfully. So I went to my desktop to check out the files (svn co file:///C:/repo_name) and I got this error:
svn: unable to open an ra_local session to url. svn: Unable to open
repository 'file:///C:/repo_name'
When I tried to access my other repositories I got the same message. I checked the Apache log file and I found these messages:
The Apache2.2 service is restarting. Starting the Apache2.2 service.
The Apache2.2 service is running. Init: Session Cache is not
configured [hint: SSLSessionCache]
[Wed Oct 26 15:37:33 2011] [warn] pid file C:/Program Files
(x86)/Apache Software Foundation/Apache2.2/logs/httpd.pid
overwritten -- Unclean shutdown of previous Apache run?
[Wed Oct 26 15:37:40 2011] [error] Internal error: pcfg_openfile()
called with NULL filename
[Wed Oct 26 15:37:40 2011] [error] [client 147.16.148.223] (9)Bad file
descriptor: Could not open password file: (null)
[Wed Oct 26 15:38:37 2011] [error] [client 147.17.209.173]
(20014)Internal error: Can't open file 'c:\projects\svn\format':
The system cannot find the file specified.
[Wed Oct 26 15:38:37 2011] [error] [client 147.17.209.173] Could not
fetch resource information. [500, #0]
[Wed Oct 26 15:38:37 2011] [error] [client 147.17.209.173] Could not
open the requested SVN filesystem [500, #720002]
I have found that if I log on to the server I can check out the files but I when I try to check them back in I get
Error: Commit failed (details follow): Error: Could not open the
requested SVN filesystem
Prior to this, I had been trying to get SSL certificates working on my server and had been changing options in my Apache httpd file. It is currently set to the bare minimum with only one Virtual host *:80 and the following:
<Location /svn >
DAV svn
SVNListParentPath on
SVNPath "c:\projects\svn"
AuthName "Subversion repository (Basic)"
AuthType Basic
</Location>
<Location /webSVN/>
Options FollowSymLinks
AuthType Basic
AuthName "Subversion Repository (web)"
</Location>
I commented out the Include ssl.conf line that brings in all the SSL settings.
Please help! I need to be able to access my repositories from my desktop!