Knestis Posted December 30, 2004 Posted December 30, 2004 I'm setting up password protection on the Admin poriton of my osCommerce store, and put this in .htaccess in that directory: AuthUserFile /home/content/... /html/.htpasswd <- full pathname of .htpasswd, edited here AuthGroupFile /dev/null AuthName P4DL Catalog Admin AuthType Basic require valid-user I then put .htpasswd where it would be expected, per the pathname above... kknestis:password <- not my actual password, of course When I tried to get into Admin in my browser (Firefox), I got the user/password demand window but when I entered my information, the window just popped up empty again. I tried a couple times, thinking i'd messed up the PW, and then got an Apache "Internal Server Error" message. I ftp'd both files back off of the server and let my hosting co. know that I'd dorked them up. Any ideas where I went wrong? I'm not a complete putz but this isn't my primary job, so be gentle. I took my host's word on the pathname to .htpasswd - if that were wrong, would it likely result in the error that I saw (or created)? I also didn't encrypt the password in any way, not being clear if it is necessary - or just useful - for it to be encoded. This is my first guess as to where I screwed up. Thanks in advance for any ideas... Kirk
OceanRanch Posted December 30, 2004 Posted December 30, 2004 I also didn't encrypt the password in any way, not being clear if it is necessary - or just useful - for it to be encoded. This is my first guess as to where I screwed up. Your first guess is correct, the password needs to be MD5 encoded. Straighten that out first. There are lots of tools that will do this for you. Search here for htpasswd and/or if you have apache installed use it's command line version of htpasswd to create the htpasswd file. HTH Tom
dad7732 Posted December 30, 2004 Posted December 30, 2004 In your /home/content/... /html/ % htpasswd -m username password The password you choose will be MD5 encrypted. A .htpasswd file will be created with the correct info, as such: username:Id8mqT <-- encrypted password example Your .htaccess should then be: AuthUserFile /home/content/.../html/ .htpasswd AuthGroupFile /dev/null AuthName ByPassword AuthType Basic require user username where "username" is your username
conno Posted December 30, 2004 Posted December 30, 2004 In your /home/content/... /html/ % htpasswd -m username password The password you choose will be MD5 encrypted. A .htpasswd file will be created with the correct info, as such: username:Id8mqT <-- encrypted password example Your .htaccess should then be: AuthUserFile /home/content/.../html/ .htpasswd AuthGroupFile /dev/null AuthName ByPassword AuthType Basic require user username where "username" is your username <{POST_SNAPBACK}> I was wondering about this also. Thanks dad7732 conno ----------------------------------------------------- Contribs I am using 1. register_globals_v1.2.1. Richard Bentley 2. Template for fixed width site. Rhea Anthony 3. OsPlayer v2.0b. ManMachine
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.