htaccess

htaccess

Post by Andrew Wes » Fri, 07 Sep 2001 20:31:19



Help,

    I've recently started using a apache server running on a linux box as a
sort of test bed. The trouble is I can figure out how to create the
passwords for the htpasswd files. I've tried the htpasswd perl script, but
this doesn't seem to create passwords of the right encryption type. Could
some one please help me with a little plain easy to follow advice on how to
setup another username and password on an already existing htpasswd.

Thanks

    Andrew

 
 
 

htaccess

Post by Alex Brow » Sat, 08 Sep 2001 14:21:25



> Help,

>     I've recently started using a apache server running on a linux box as a
> sort of test bed. The trouble is I can figure out how to create the
> passwords for the htpasswd files. I've tried the htpasswd perl script, but
> this doesn't seem to create passwords of the right encryption type. Could
> some one please help me with a little plain easy to follow advice on how to
> setup another username and password on an already existing htpasswd.

look at the htpasswd stuff on the Apache site or use a great new tool
called "a search engine"

Alex

 
 
 

htaccess

Post by mike gardne » Sat, 08 Sep 2001 17:48:04



>     I've recently started using a apache server running on a linux box as a
> sort of test bed. The trouble is I can figure out how to create the
> passwords for the htpasswd files. I've tried the htpasswd perl script, but
> this doesn't seem to create passwords of the right encryption type. Could
> some one please help me with a little plain easy to follow advice on how to
> setup another username and password on an already existing htpasswd.

Apache week have a gentle introduction to user authentication at:
http://www.apacheweek.com/features/userauth

Once you've created your htpasswd file with one username (htpasswd -c
/path/to/my/.htpasswd username) you just add more users with htpasswd without
the -c flag (htpasswd /path/to/my/.htpasswd username2).

cheers,
mike

 
 
 

htaccess

Post by David Efflan » Sat, 08 Sep 2001 21:57:13



> Help,

>     I've recently started using a apache server running on a linux box as a
> sort of test bed. The trouble is I can figure out how to create the
> passwords for the htpasswd files. I've tried the htpasswd perl script, but
> this doesn't seem to create passwords of the right encryption type. Could
> some one please help me with a little plain easy to follow advice on how to
> setup another username and password on an already existing htpasswd.

On most Unix boxes the Perl crypt() would use the system crypt() and so
would apache.  But you cannot use DES passwords if the system uses MD5 and
vice versa.  An htpasswd file is a simple list of colon separated
(anything after optional 2nd colon ignored):

username:crypted_passwd
or
username:crypted_passwd:comment_or_other_ignored_data

But if your webserver is a Windows box, it might not have a system crypt()
and you likely have to use the htpasswd program that comes with apache.  
Or I heard that some Windows might use plain text passwords.

If you are on a Cobalt server, read recent news postings from the past
week or do a news search about "Cobalt htpasswd".  It seems to use system
passwords by default instead of your own htpasswd.

--
David Efflandt - All spam is ignored - http://www.de-srv.com/
http://www.autox.chicago.il.us/  http://www.berniesfloral.net/
http://cgi-help.virtualave.net/  http://hammer.prohosting.com/~cgi-wiz/

 
 
 

htaccess

Post by Greg Scharlema » Tue, 11 Sep 2001 16:25:31


I set up a .htaccess file in a a directory say: /www/protected
It works fine. The problem comes when I try to access
/www/protected/one
I get a forbidden page, you do not have access to /www/protected/one
on this server. Can anyone tell me why this is. I thought I would have
access to the subdirectories of the protected directory with no
problem.

Thanks

 
 
 

htaccess

Post by David Efflan » Wed, 12 Sep 2001 09:46:04



Quote:> I set up a .htaccess file in a a directory say: /www/protected
> It works fine. The problem comes when I try to access
> /www/protected/one
> I get a forbidden page, you do not have access to /www/protected/one
> on this server. Can anyone tell me why this is. I thought I would have
> access to the subdirectories of the protected directory with no
> problem.

.htaccess applies to the directory it is in and any subdirectories unless
you change that with an .htaccess in a subdir.

What are system file permissions of 'protected' and 'one'?  Unless it is
CGI under suexec, all directories in the full system path typically need
at least 701 permission (unless owned by the user and group that apache
is running as).

--
David Efflandt - All spam is ignored - http://www.de-srv.com/
http://www.autox.chicago.il.us/  http://www.berniesfloral.net/
http://cgi-help.virtualave.net/  http://hammer.prohosting.com/~cgi-wiz/

 
 
 

htaccess

Post by Greg Scharlema » Wed, 12 Sep 2001 16:44:58




> > I set up a .htaccess file in a a directory say: /www/protected
> > It works fine. The problem comes when I try to access
> > /www/protected/one
> > I get a forbidden page, you do not have access to /www/protected/one
> > on this server. Can anyone tell me why this is. I thought I would have
> > access to the subdirectories of the protected directory with no
> > problem.

> .htaccess applies to the directory it is in and any subdirectories unless
> you change that with an .htaccess in a subdir.

> What are system file permissions of 'protected' and 'one'?  Unless it is
> CGI under suexec, all directories in the full system path typically need
> at least 701 permission (unless owned by the user and group that apache
> is running as).

I made sure that 'protected' and 'one' both were readable and
executable by everyone.

Do I need to have a second .htaccess file within the 'one' that
specifies that access should be granted without a username and
password? If so what does the .htaccess file in the subdir look like?

Thanks, Greg

 
 
 

1. How to prevent reading of .htaccess in a .htaccess ?

Hello,

I use Apache 1.3.20 on Solaris 2.6 and i want to know how i can prevent
reading of .htaccess IN
a .htaccess (not a <directory> directive).

Basically this is what i want :
http://www/guest/noguest/

In this case i want that the .htaccess in /guest prevent the reading of
the .htaccess in noguest.
(and i all the directories below)

I don't want a <directory> directive because in this case this is the
admin (me) who edit the httpd.conf
and not the user who manage his directory (and put the .htaccess).

Best regards, thanks per advance for your answers,

--
 Ludovic.Maitre at sophia.inria.fr

 INRIA - 2004 route des lucioles - BP 93    Tel: (33/0) 4 92 38 50 41
 06902   SOPHIA-ANTIPOLIS cedex (France)    Fax: (33/0) 4 92 38 76 02
 Free online CSS editor :

http://www-sop.inria.fr/semir/personnel/Ludovic.Maitre/freestyle/free...

2. Does anybody know a good book about programming for Linux?

3. HTACCESS

4. HELP! Guidance needed!

5. htaccess problems

6. experience with ISDN

7. Problem with htaccess and htpasswd

8. 5th Annual Linux Showcase and Conference

9. htaccess/htpasswd setup??

10. htaccess apache: how to except a user

11. can .htaccess use NT password?

12. HTTP_ACCEPT and .HTACCESS

13. .htaccess mod_rewrite Same host different starting pages