500 Error with .htaccess password protection - apache

I am running latest ubuntu with apache.
I have very simple html directory I want to protect using .htaccess.
I am trying to do it with:
AuthName "Restricted Area"
AuthType Basic
AuthUserFile /var/www/dev/docs/.htpasswd
Require valid-user
On my .htpasswd file I have:
user:pass
I get internal server error with this. I've been digging hard but not sure why this is happening.
If I add a this:
<Directory "/var/www/dev/docs">
AuthName "Restricted Area"
AuthType Basic
AuthUserFile /var/www/dev/docs/.htpasswd
Require valid-user
</Directory>
I can't login no matter what I do...
Thanks,

I have the same problem. But after a few trial and error, here's the fix.
You must use the full path to the .htpasswd file.
You must encapsulate the path with quotation marks "home/username/public_html/subfolder/protected/.htpasswd"
An example:
AuthUserFile "/home/username/public_html/subfolder/protected/.htpasswd"
AuthType Basic
AuthName "My restricted Area"
Require valid-user

Error #500 just means the web server isn't understanding something in your .htaccess file. There will be nothing in Apache's error log since the request doesn't even get parsed at this point.
Try putting quotes around the path to the .htpasswd file and note on some hosting companies like cough.. godaddy, 1&1 It may take several minutes for the changes in .htaccess to be picked up.
AuthType Basic
AuthName "Restricted Area"
AuthUserFile "/home/. . . . ./.htpasswd"
require valid-user

I have got same situation on Apache/2.4.6 (CentOS)
Path to htpasswd needs to be taken from $_SERVER['DOCUMENT_ROOT']
Apache has some bug (https://bz.apache.org/bugzilla/show_bug.cgi?id=54735), you need to set password from console like this:
htpasswd -nb username newpassw > <path-to>/.htpasswd
btw in Apache 2.4.6 on CentOS 7 problem still exists

Related

error 500 on xampp using htacces (Password)

Hi I am getting error 500 on Apache webserver using xampp. The error wasnt there until i used a .htaccess, .htpasswd file. I searched and i couldnt find a syntax error. I have only 1 image and the index file I want to protect. Here are the syntaxes:
.htaccess
AuthType Basic
AuthName "Prosím přihlašte se.";
AuthUserFile C:\xampp\htdocs\Zprávy 1.E\.htpasswd
require valid-user
.htpasswd
zak:$apr1$t8hZiqXE$0qdoQ/876dOqysUmww2NM/
You have syntax error on your .htaccess file, you should quote the file path because it has space between.
AuthType Basic
AuthName "Prosím přihlašte se.";
AuthUserFile "C:\xampp\htdocs\Zprávy 1.E\.htpasswd"
require valid-user

Protect only a directory with htpasswd

I would like to protect the protect-me-dir directory with http password. I tried this code:
AuthType Basic
AuthName "restricted area"
AuthUserFile /home/iterator/public_html/protect-me-dir/.htpasswd
require valid-user
It works, but unfortunately it asks for the password everywhere, not just in protect-me-dir. How is it possible to protect only that directory?
If I put this code inside <Directory "/home/iterator/public_html/protect-me-dir">...</Directory>, I get Internal Server Error
Just put the .htaccess file in the directory you want to password-protect. It is a per-directory config file.

How to add Apache2 (XAMPP) runtime argument in Windows

I am trying to set development variable for xampp under Windows in order to do this:
<IfDefine !development>
AuthType Basic
AuthName "Say the secret word"
AuthUserFile /var/www/hostname/.htpasswd
Require valid-user
</IfDefine>
on Linux you do it like this
export APACHE_ARGUMENTS=-Ddevelopment
How do I do this on Windows? I've tried to do
set APACHE_ARGUMENTS=-Ddevelopment
but it didn't work.
Any ideas?
Edit: tried to add startup parameters to apache service config, but didn't help either.
This may be a duplicate of Apache .htaccess - applying basic authentication conditionally based on environment or hostname
I have solved this issue by using the 'Allow from ....' directive.
This way I can blanket enable based off an IP ADDRESS
Here is the contents of my .htaccess file
Order deny,allow
Deny from all
AuthType Basic
AuthName "Secure Area"
AuthUserFile "/path/to/file/.htpasswd"
Require valid-user
Allow from 127.0.0.1
Satisfy Any

.htaccess doesn't ask me for password

I'm trying to protect a directory adding a .htaccess and a .htpasswd but instead asking me for password, it goes to the home page of my site directly.
My .htaccess is being read (put some garbage in it and I got 500 error).
Here's my .htaccess :
AuthName "Page d'administration protégée"
AuthType Basic
AuthUserFile "/Applications/MAMP/htdocs/backoffice_mollanger/app/.htpasswd"
Require valid-user
And my .htpasswd
Admin:gl0IiOirI2n6M
First of all, remove the speech marks you have around the .htpasswd location, they should not be there. If that does not help then try using this, you can specify the directory you want to protect by stating the file name in replace of example:
<Files /example>
AuthName "Page d'administration protégée"
AuthType Basic
AuthUserFile /Applications/MAMP/htdocs/backoffice_mollanger/app/.htpasswd
Require valid-user
</Files>

Apache http basic authentication?

Is there some simple code that I can add to an .htaccess file or my virtual host file to enforce http basic auth?
What about this ?
AuthUserFile /my/derectory/.htpasswd
Require valid-user
AuthName "Secured Access"
AuthType Basic
the interesting part for you is Require valid-user
But if you can, please provide more informations about why you have you tried to do ^^