password protecting an apache folder does not work[SOLVED]

Need help installing PHP, configuring a script, or configuring a server? Then come on in and post your questions! We'll try to help the best we can!

Moderator: General Moderators

Post Reply
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

password protecting an apache folder does not work[SOLVED]

Post by raghavan20 »

I am trying to password protect a folder called 'temp' under htdocs.
I am not good at Apache stuff so if I am wrong at something, please help me understand the mistake I have done.

temp is at:
I have a .htaccess file in temp folder.

Code: Select all

AuthName "Development Area"
AuthType Basic
AuthUserFile /.htpasswd
Require "rag"
I have put 'rag' instead of valid-user which was in the template, I have done this because I had the doubt that how will I tell apache which username should it use to authenticate. Can anyone tell me what encryption is this?


I have a .htpasswd file in root of Apache with content

Code: Select all

rag:.*****
But when I try to access using: http://localhost:8080/temp/phpinfo.php, it does not ask me to authenticate
fyi: phpinfo.php is a sample file that is available in the mentioned directory
Last edited by raghavan20 on Mon May 01, 2006 4:49 am, edited 1 time in total.
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

Post by raghavan20 »

there was a httpd setting
allowoverride none

I made it as 'all' and now it asks for the password but the problem now is, it does not accept the encrypted password. I do not know why?


.htpasswd:

rag:wwUAdW6ZJHTBk

the password is 'rag' as well

.htaccess:

AuthName "Development Area"
AuthType Basic
AuthUserFile /.htpasswd
Require user rag


Any clues?
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

Post by raghavan20 »

I used this http://www.kxs.net/support/htaccess_pw.html website for encrypting passwords but recently I found that when I keep refreshing the page, it returns different result each time.

Is there is any tool to generate the passwords for apache?

I have found now that crypt() can be used to generate the encrypted password. but the crypt puts in dynamic hash everytime and I think this is the reason why I get different passwords in the above web page I mentioned. but the tutorial I read also states that this is understandable by apache...but I really frustrated why the apache cannot understand still the password and still keeps reporting 401 error.

this is the error log line,

Code: Select all

[Sun Apr 30 19:59:16 2006] [error] [client 82.46.70.227] user rag: authentication failure for "/temp/phpinfo.php": Password Mismatch
password:
rag:XOpOImXWECdHI
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

Post by raghavan20 »

Since the machine runs on Windows XP, it used md5 to hash the password. So we can use htpasswd tool in Apache/bin to has password.
Post Reply