cancel
Showing results for 
Search instead for 
Did you mean: 

Protecting a website using .htaccess and .htpasswd

N/A

Protecting a website using .htaccess and .htpasswd

I have seen that you can protect a site using the above file combinations. I used this site http://www.tools.dynamicdrive.com/password/ to generate the code and I am placing it off a directory from the root of my webspace in a directory called test but I can't get it to work. Anyone have any ideas if you can use this on plusnet servers ?

Thanks Ivan
8 REPLIES
N/A

Protecting a website using .htaccess and .htpasswd

I *think* there may be problems with it on the new CGI server - haven't read up on it, but seem to recall a thread or two in the CGI and Scripting Forum to that effect, but if it's your ordinary www webspace, yes, it certainly works.

I followed this tutorial http://portal.plus.net/central/forums/viewtopic.php?t=10193
and fouled it up first time because I hadn't encrypted the password, but other than that it went fine and is still working on another directory that I've done since.
N/A

Protecting a website using .htaccess and .htpasswd

OK tried this but I think I am doing something wrong, you said you can protect a page(s) on the normal webserver eg not the CGI server so this is what I have done, maybe I am doing something wrong here as I am new to this.

Directory is off the main webspace for example

http://www.xyz.plus.com/test

(I want to protect the above directory where xyz is my site.

I have placed the .htaccess file here which contains

AuthName "Restricted Area" 

AuthType Basic
AuthUserFile http://www.xyz.plus.com/test/.htpasswd
AuthGroupFile /dev/null
require valid-user


and the .htpasswd file contains

ivan:io.pYXbIqvhtM



Is this correct as this never lets me in, I get the standard windows login box appear but that's all and after 3 attempts I get access denied.
N/A

Protecting a website using .htaccess and .htpasswd


I believe that this would be the correct code:

Quote

AuthUserFile /share/isp/plusnet/www/uu/username/htdocs/directory/.htpasswd
AuthGroupFile /dev/null
AuthName EnterPassword
AuthType Basic

require valid-user



This tutorial explains it very well.
N/A

Protecting a website using .htaccess and .htpasswd

Yes, it's the AuthUserFile line that's up the creek. When that first site that you used to generate it talks about the "absolute current path" (and says "Or simply ask your web host for this information.") that's what they are talking about - it's not just a case of using the www address.

In the PlusNet tutorial which John and I referred to, you'll find a bit that gives the line that he quotes, explaining that uu = the first two letters of your PlusNet username, and the rest is pretty obvious.

It should be all on one line (the forum's broken it up because of the length I guess) so, for a directory called "test" you'd need it to say

AuthUserFile /share/isp/plusnet/www/ie/iendicott/htdocs/test/.htpasswd
N/A

Protecting a website using .htaccess and .htpasswd

Well guys I can't thank you enough, it finally worked.

Ivan
N/A

Protecting a website using .htaccess and .htpasswd

Oh good. Smiley It's not often that I have the answer to anything - I can go back to sleep for another year now. Wink
N/A

Protecting a website using .htaccess and .htpasswd

BTW is there a way I can found out the full path like you added in the reply if I should ever need it again ? If I type pwd when I login I just get "\" as in effect this is like an NT share nt.

Thanks Ivan
N/A

Protecting a website using .htaccess and .htpasswd

Getting the path for your www pages isn't like getting the one for your cgi pages, which you'd find by using Telnet. It's a standard string which is basically the same for everyone on PlusNet - just needs those few personal bits substituting as we did above, which is explained in the tutorial.

I suppose it would have helped if we told you where it was instead of just linking to it, wouldn't it?

If you look in the "Tutorials and FAQs" section on this forum, you'll see that there's one titled "General: .htaccess" - that's the one, so if you just remember that it's there if you need it again, now that you know what's what, I'd reckon that's the easiest way of checking for the future.