Page 1 of 1

password protecting an apache folder does not work[SOLVED]

Posted: Sun Apr 30, 2006 10:45 am
by raghavan20
I am trying to password protect a folder called 'temp' under htdocs.
I am not good at Apache stuff so if I am wrong at something, please help me understand the mistake I have done.

temp is at:
I have a .htaccess file in temp folder.

Code: Select all

AuthName "Development Area"
AuthType Basic
AuthUserFile /.htpasswd
Require "rag"
I have put 'rag' instead of valid-user which was in the template, I have done this because I had the doubt that how will I tell apache which username should it use to authenticate. Can anyone tell me what encryption is this?


I have a .htpasswd file in root of Apache with content

Code: Select all

rag:.*****
But when I try to access using: http://localhost:8080/temp/phpinfo.php, it does not ask me to authenticate
fyi: phpinfo.php is a sample file that is available in the mentioned directory

Posted: Sun Apr 30, 2006 11:23 am
by raghavan20
there was a httpd setting
allowoverride none

I made it as 'all' and now it asks for the password but the problem now is, it does not accept the encrypted password. I do not know why?


.htpasswd:

rag:wwUAdW6ZJHTBk

the password is 'rag' as well

.htaccess:

AuthName "Development Area"
AuthType Basic
AuthUserFile /.htpasswd
Require user rag


Any clues?

Posted: Sun Apr 30, 2006 2:04 pm
by raghavan20
I used this http://www.kxs.net/support/htaccess_pw.html website for encrypting passwords but recently I found that when I keep refreshing the page, it returns different result each time.

Is there is any tool to generate the passwords for apache?

I have found now that crypt() can be used to generate the encrypted password. but the crypt puts in dynamic hash everytime and I think this is the reason why I get different passwords in the above web page I mentioned. but the tutorial I read also states that this is understandable by apache...but I really frustrated why the apache cannot understand still the password and still keeps reporting 401 error.

this is the error log line,

Code: Select all

[Sun Apr 30 19:59:16 2006] [error] [client 82.46.70.227] user rag: authentication failure for "/temp/phpinfo.php": Password Mismatch
password:
rag:XOpOImXWECdHI

Posted: Mon May 01, 2006 4:49 am
by raghavan20
Since the machine runs on Windows XP, it used md5 to hash the password. So we can use htpasswd tool in Apache/bin to has password.