Very Computer

I am trying to setup my username / password file for a folder on my website.
The problem is that I don't have telnet access to my site, and so can't use
htpasswd.

Is it possible to create the .htpasswd file offline, and upload it to my
site via ftp?

I have copied an example from the web to my folder, and although I get the
password entry box, the user / password combination are not accepted.

At this stage, I am not concerned with making the security "bullet proof"
and have stored .htaccess and .htpasswd in the same folder on my site.

In theory, using the following files, and supplying the username/password
combo of fido/bones should allow access to the folder, but this is not the
case.

Here is a copy of my .htaccess file...

AuthUserFile /home/sites/site58/web/martin/.htpasswd
AuthGroupFile /dev/null
AuthName ExampleByPassword
AuthType Basic
<Limit GET>
require user fido
</Limit>

Here is a copy of my .htpasswd file...

fido:h5HhgnhegqFIw

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello MartinT,

Quote:> I am trying to setup my username / password file for a folder on my
> website. The problem is that I don't have telnet access to my site,
> and so can't use htpasswd.

> Is it possible to create the .htpasswd file offline, and upload it
> to my site via ftp?

Yes, go to http://www.hwired.com/tools/makepass.shtml
and fill in your username / password that you want encrypted.  Then
copy
the output to your .htpasswd file and upload it.

Quote:

> I have copied an example from the web to my folder, and although I
> get the password entry box, the user / password combination are not
> accepted.

> At this stage, I am not concerned with making the security "bullet
> proof" and have stored .htaccess and .htpasswd in the same folder
> on my site.

> In theory, using the following files, and supplying the
> username/password combo of fido/bones should allow access to the
> folder, but this is not the case.

> Here is a copy of my .htaccess file...

> AuthUserFile /home/sites/site58/web/martin/.htpasswd
> AuthGroupFile /dev/null
> AuthName ExampleByPassword
> AuthType Basic
> <Limit GET>
> require user fido
> </Limit>

> Here is a copy of my .htpasswd file...

> fido:h5HhgnhegqFIw

make sure you move your .htpasswd file to a directory that is not
accessible
via http after you get his going.

here is the username:password encryption for the following login and
pass you specified in your email.

Username: fido Password: bones
fido:aeumx.volNhyY

Have Fun!
daltrix

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBOxUXTI/YDJw8ysF7EQIZAwCgnScaDL/mbgD5L0WB20SJxNVVG84AoPG4
GYRvC2ZKocvotgO1UvnjMRxv
=Scc6
-----END PGP SIGNATURE-----

daltrix,

Thanks for your reply - I still have the same problem that my
username/password combo don't work - have you any other suggestions?
otherwise, I will have to assume that my isp is to blame.

Regards,

Martin

Nope, the admins probably did a good job and did put
"AllowOverride None" in the right position in httpd.conf, case they
are really using apache.

You should ask you ISP, if it's possible for you to use .htaccess.

Good luck

Michael Heiming

Wed, 30 May 2001 14:39:47 +0100, MartinT  to All:

Quote:> Here is a copy of my .htaccess file...
> AuthUserFile /home/sites/site58/web/martin/.htpasswd
> AuthGroupFile /dev/null
> AuthName ExampleByPassword
> AuthType Basic
> <Limit GET>
> require user fido

          ^^^^^^^^
Change this to  "require valid-user"

Quote:> </Limit>

and ensure that your .htpasswd is readable by the "apache" user (or
whatever user your httpd uses).

--
  May the bluebird of happiness twiddle your bits.