osgodaddy Posted November 10, 2006 Share Posted November 10, 2006 I'm not sure why the catalog/admin is not secured as that is obvious to secure the admin. Most host have the .htaccess setup or should setup so no work in the server side should be needed if you hosting the site on a shared server on a linus isp. .htaccess and .htpasswd is for linux shared servers. I installed in www.godaddy.com http://help.godaddy.com/article.php?articl...c_id=&& http://en.wikipedia.org/wiki/Htaccess http://www.htaccesstools.com/htaccess-faq/ These two sites can encrypt password for .htpasswd file you need two files. that are saved in directory you want secured. .htaccess and .htpasswd created by notepad save them as all files :o NOTE: Due to server caching, new .htaccess files may take up to one hour to be recognized. Changes to existing .htaccess files are picked up immediately. It takes two hours or more for server to activate .htaccess to work. so be patient and don't upload again Using .htpasswd With Your Linux Shared Hosting Account Last Updated: October 12, 2006 5:35 PM Print This Article To protect a directory in your hosting account with a password, in that directory, create an .htaccess file that contains the following: AuthUserFile /home/content/l/o/g/login_name/html/.htpasswd AuthGroupFile /dev/null AuthName EnterPassword AuthType Basic require valid-user Where "l," "o," and "g" are the first three letters of your hosting login and "login_name" is your full hosting login. For example, the hosting login "maynard" would translate to the following path: /home/content/m/a/y/maynard/html/.htpasswd The AuthUserFile describes where the Web server looks for the .htpasswd file. The .htpasswd file contains a list of users who have access to a protected directory and their hashed passwords. There are a number of tools available online to create .htpasswd files. NOTE: Due to server caching, new .htaccess files may take up to one hour to be recognized. Changes to existing .htaccess files are picked up immediately. NOTE: Our servers are configured to prevent the downloading of both .htaccess and .htpasswd files Link to comment Share on other sites More sharing options...
osgodaddy Posted November 10, 2006 Author Share Posted November 10, 2006 I found this not for .htaccess on oscommerce. In order for .htaccess to work, a file must be in the 'allowoverride configuration' in your server or something but the instructions. Just need to find that file in your server Id: .htaccess,v 1.4 2001/04/22 20:30:03 dwatkins Exp This is used with Apache WebServers The following blocks direct HTTP requests in this directory recursively For this to work, you must include the parameter 'Limit' to the AllowOverride configuration Example: <Directory "/usr/local/apache/htdocs"> AllowOverride Limit 'All' with also work. (This configuration is in your apache/conf/httpd.conf file) This does not affect PHP include/require functions Example: http://server/catalog/includes/application_top.php will not work <Files *.php> Order Deny,Allow Deny from all </Files> I'm not sure why the catalog/admin is not secured as that is obvious to secure the admin. Most host have the .htaccess setup or should setup so no work in the server side should be needed if you hosting the site on a shared server on a linus isp. .htaccess and .htpasswd is for linux shared servers. I installed in www.godaddy.com http://help.godaddy.com/article.php?articl...c_id=&& http://en.wikipedia.org/wiki/Htaccess http://www.htaccesstools.com/htaccess-faq/ These two sites can encrypt password for .htpasswd file you need two files. that are saved in directory you want secured. .htaccess and .htpasswd created by notepad save them as all files :o NOTE: Due to server caching, new .htaccess files may take up to one hour to be recognized. Changes to existing .htaccess files are picked up immediately. It takes two hours or more for server to activate .htaccess to work. so be patient and don't upload again Using .htpasswd With Your Linux Shared Hosting Account Last Updated: October 12, 2006 5:35 PM Print This Article To protect a directory in your hosting account with a password, in that directory, create an .htaccess file that contains the following: AuthUserFile /home/content/l/o/g/login_name/html/.htpasswd AuthGroupFile /dev/null AuthName EnterPassword AuthType Basic require valid-user Where "l," "o," and "g" are the first three letters of your hosting login and "login_name" is your full hosting login. For example, the hosting login "maynard" would translate to the following path: /home/content/m/a/y/maynard/html/.htpasswd The AuthUserFile describes where the Web server looks for the .htpasswd file. The .htpasswd file contains a list of users who have access to a protected directory and their hashed passwords. There are a number of tools available online to create .htpasswd files. NOTE: Due to server caching, new .htaccess files may take up to one hour to be recognized. Changes to existing .htaccess files are picked up immediately. NOTE: Our servers are configured to prevent the downloading of both .htaccess and .htpasswd files Link to comment Share on other sites More sharing options...
Druid6900 Posted November 10, 2006 Share Posted November 10, 2006 I found this not for .htaccess on oscommerce. In order for .htaccess to work, a file must be in the 'allowoverride configuration' in your server or something but the instructions. Just need to find that file in your server Id: .htaccess,v 1.4 2001/04/22 20:30:03 dwatkins Exp This is used with Apache WebServers The following blocks direct HTTP requests in this directory recursively For this to work, you must include the parameter 'Limit' to the AllowOverride configuration Example: <Directory "/usr/local/apache/htdocs"> AllowOverride Limit 'All' with also work. (This configuration is in your apache/conf/httpd.conf file) This does not affect PHP include/require functions Example: http://server/catalog/includes/application_top.php will not work <Files *.php> Order Deny,Allow Deny from all </Files> I just answered this qurstion for another godady user, so, I'll just cut and paste the same answer here; Well, godaddy seems to be one of the few ISPs that people have problems (search on godaddy) with using OsC, but, I know of one lady that managed to get her site running, so, it must be possible. This is a link to a .htaccess/.htpasswd tool (just follow the instructions) to let you generate the encrypted coding to make the combo work. .htpasswd goes in your ROOT directory and .htaccess goes in your ADMIN directory. I've never heard of both files going into the protected directory. http://www.htaccesstools.com/htaccess-authentication/ Now, by default, there is an .htaccess file in the admin directory, just let the new file overwrite it, then load your admin page and it should work correctly. I know the first few times I logged in, I had to log in 2 times, but, then, for some reason (that I didn't question) it went away. I THINK it had something to do with trying to put ADMIN under the SSL umbrella, which there is no reason to do. HTH No Good Deed EVER Goes Unpunished Link to comment Share on other sites More sharing options...
osgodaddy Posted November 10, 2006 Author Share Posted November 10, 2006 {You need to have this line in your .htaccess file . it blocks web request recursively, it should work in godaddy :thumbsup: :D } AuthUserFile /home/content/l/o/g/login_name/html/.htpasswd AuthGroupFile /dev/null AuthName EnterPassword AuthType Basic require valid-user AllowOverride Limit I found this not for .htaccess on oscommerce. In order for .htaccess to work, a file must be in the 'allowoverride configuration' in your server or something but the instructions. Just need to find that file in your server Id: .htaccess,v 1.4 2001/04/22 20:30:03 dwatkins Exp This is used with Apache WebServers The following blocks direct HTTP requests in this directory recursively For this to work, you must include the parameter 'Limit' to the AllowOverride configuration Example: <Directory "/usr/local/apache/htdocs"> AllowOverride Limit 'All' with also work. (This configuration is in your apache/conf/httpd.conf file) This does not affect PHP include/require functions Example: http://server/catalog/includes/application_top.php will not work <Files *.php> Order Deny,Allow Deny from all </Files> Link to comment Share on other sites More sharing options...
osgodaddy Posted November 10, 2006 Author Share Posted November 10, 2006 :blush: :angry: Correction the Allow limit should be set not in .htaccess It should be in another file (This configuration is in your apache/conf/httpd.conf file) This is used with Apache WebServers The following blocks direct HTTP requests in this directory recursively For this to work, you must include the parameter 'Limit' to the AllowOverride configuration Example: <Directory "/usr/local/apache/htdocs"> AllowOverride Limit 'All' with also work. (This configuration is in your apache/conf/httpd.conf file) This does not affect PHP include/require functions Example: http://server/catalog/includes/application_top.php will not work <Files *.php> Order Deny,Allow Deny from all </Files> {You need to have this line in your .htaccess file . it blocks web request recursively, it should work in godaddy :thumbsup: :D }AuthUserFile /home/content/l/o/g/login_name/html/.htpasswd AuthGroupFile /dev/null AuthName EnterPassword AuthType Basic require valid-user AllowOverride Limit Link to comment Share on other sites More sharing options...
Wendy James Posted November 10, 2006 Share Posted November 10, 2006 There should be a password protect directory link in your godaddy admin panel. If not, you could install one of the many password contributions. Some are very very simple to install. Just do a search : ) I hate trying to figure out the htpassword and htaccess files. Wendy James Creativity is allowing yourself to make mistakes. Art is knowing which ones to keep. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.