Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Securing The Admin Via .htaccess Problem


Snoboreders

Recommended Posts

Ok, so I have had one goal in the past week, and after searching the forums countless times, and with a little help, I finally secured my admin section of my website. The only problem is that when I type in the name and password it won't let me in!

 

Here is my .htaccess code:

AuthName Restricted
AuthType Basic
AuthUserFile /home/content/N/o/x/Noxwear/html/owner/.htpasswd 
AuthGroupFile /dev/null
Require valid-user

 

and my .htpasswd file is the one line encrypted password.

 

The fact that it asks me for my name and pass means that the path is right. I am using Linux and hosting via GoDaddy. I'm wondering if I have to clear something up with GoDaddy or enable password protection, because it seems that the .htaccess is right.

 

Any ideas?

 

Thanks.

Link to comment
Share on other sites

Ok, so I have had one goal in the past week, and after searching the forums countless times, and with a little help, I finally secured my admin section of my website. The only problem is that when I type in the name and password it won't let me in!

 

Here is my .htaccess code:

AuthName Restricted
AuthType Basic
AuthUserFile /home/content/N/o/x/Noxwear/html/owner/.htpasswd 
AuthGroupFile /dev/null
Require valid-user

 

and my .htpasswd file is the one line encrypted password.

 

The fact that it asks me for my name and pass means that the path is right. I am using Linux and hosting via GoDaddy. I'm wondering if I have to clear something up with GoDaddy or enable password protection, because it seems that the .htaccess is right.

 

Any ideas?

 

Put this in your htaccess file;

 

AuthName "Please Enter Your ID and Password to enter admin/"

AuthUserfile "this is the path to your passwd file"

AuthType Basic

Require valid-user

 

this for your htpasswd file

yourID here:your password here

 

put you passwd file outsite your web dir. examp= C:/?

or /etc/?

 

Thanks.

Link to comment
Share on other sites

Thanks for that reply but wouldn't I only need the ID in

AuthName "Please Enter Your ID and Password to enter admin/"

and not the pass?

 

Also, if the password is not going to be encrypted...and I put it in the C directory, how can I access it via the net?

 

Do you think perhaps with my code if I just entered an ID things would work?

 

Who would have thought securing a folder would be so damn tough.

Link to comment
Share on other sites

Ok, so I have had one goal in the past week, and after searching the forums countless times, and with a little help, I finally secured my admin section of my website. The only problem is that when I type in the name and password it won't let me in!

 

Here is my .htaccess code:

AuthName Restricted
AuthType Basic
AuthUserFile /home/content/N/o/x/Noxwear/html/owner/.htpasswd 
AuthGroupFile /dev/null
Require valid-user

 

and my .htpasswd file is the one line encrypted password.

 

The fact that it asks me for my name and pass means that the path is right. I am using Linux and hosting via GoDaddy. I'm wondering if I have to clear something up with GoDaddy or enable password protection, because it seems that the .htaccess is right.

 

Any ideas?

 

Thanks.

Use your host's cpanel to password-protect directories. If that process does not work you should ask your host for instructions. It can be different from server to server.

Link to comment
Share on other sites

Wow, this is absolutely ridiculous. I called GoDaddy for the 3rd time today asking how to password protect a directory, and they informed me that there is no way to do it via their control panel.

 

Does anybody host through GoDaddy, and if so, have you password protected a folder?

Link to comment
Share on other sites

Wow, this is absolutely ridiculous. I called GoDaddy for the 3rd time today asking how to password protect a directory, and they informed me that there is no way to do it via their control panel.

 

Does anybody host through GoDaddy, and if so, have you password protected a folder?

here are some instructions they have

http://help.godaddy.com/article.php?articl...mp;topic_id=330

and it's amazing they don't provide a tool as it's for their own benefit. You should explain to them since they don't have basic security tools not to blame the users if their accounts are compromised and that they become primary targets for hack attempts.

 

Also use one of the admin password protect contributions like:

http://www.oscommerce.com/community/contributions,1359

 

Althought the host's password protection is always prefered.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...