Guest Posted November 26, 2003 Share Posted November 26, 2003 I have got the htaccess working like a charm - but I am missing a feature and I would like to add it in - never had a call for this before so my knowledge is a little raw. After 3 bad log in attempts, you get the following: Authorization Required This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. NOTE the last line there, ErrorDocument - where would I set that document up to provide a theme fitting error page rather than the basic text page. Is it in the htaccess file itself? Thank you again for sharing your master knowledge. Link to comment Share on other sites More sharing options...
OceanRanch Posted November 26, 2003 Share Posted November 26, 2003 Lots of ways to do this. Here's one. Add this to your .htaccess file all on one continuous line. NOTE that there is NO ending " at the end of the line. This one will give a customized screen when the user cancels out of the authorization prompt (401 code). ErrorDocument 401 "<body bgcolor='#6666FF' text=white><p align=center><font size='+1' ><br><br><br><br><br><br>You have been denied access to this particular page.</font></p><p align=center><font size='+1' >Please contact xxxxx if you have any questions. </font></p></body> HTH Link to comment Share on other sites More sharing options...
The Unspun Zone™ Posted March 18, 2004 Share Posted March 18, 2004 I am having a situation where authentication isn't working for some reason with .htaccess/.htpasswd. After reading the post immediately above mine, I put the recommended line into my .htaccess file. I figured that way, I'd get a different error than the regular system error I was getting and that would show me that at least my .htaccess file wasn't being ignored. Sure enough, after three attempts to validate, I got the page specified in the .htaccess file. I'm using the default .htaccess that came with the osCommerce download I used from yesterday. It contains "adjustments" for the SSL protocol. I added the following lines, in addition to the one mentioned above: AuthType Basic AuthName "The Unspun Zone(tm) Store Administration Area" AuthUserFile /theres/no/place/like/home/.htpasswd Require rickeroo (The AuthUserFile path has been changed here to protect the innocent.) I'm also not sure at all that my SSL is configured correctly, since I'm still trying to learn how to do that. I don't want to leave the admin directory open to the world. Any ideas on what's going wrong with my .htaccess/.htpasswd access? Thanks, in advance. This looks like a terrific program, if I can ever get it to work. Link to comment Share on other sites More sharing options...
Baron Posted March 19, 2004 Share Posted March 19, 2004 Hi, Rick, Looks like you have half the battle won. FYI - The .htpasswd file should not be in /home (your Website root directory). It should be right above it. For example, if your Website root is /theres/no/place/like/home/ then .htpasswd should be in /theres/no/place/like/. In .htpasswd you should have something like this: rickeroo:1$nYxLpTMQ84I Your .htaccess looks correct. Cheers, Ray Link to comment Share on other sites More sharing options...
The Unspun Zone™ Posted March 19, 2004 Share Posted March 19, 2004 Thanks, Ray! I think I found out why I can't get osCommerce working the way I want. My websites all live on the same server. I'm using Virtual Hosting based on website names with Apache. Apparently SSL won't work in such a scenario, because the SSL connection is established before the website name is passed. Now I don't know what to do about that. On the other hand, it MIGHT not matter, since initially I was planning to use osCommerce with PayPal until I determine that my volume is high enough to justify getting my own merchant account for credit cards with my bank. I guess I need to finish reading the osCommerce documentation. On the plus side, I own the servers; they sit in my office. Now I just have to figure out how to configure and maintain them. Link to comment Share on other sites More sharing options...
Guest Posted July 2, 2004 Share Posted July 2, 2004 SSL will work on virtual domains but you do have to have an IP address for each domain and configure Apache for IP virtual hosting. I too run my own servers. I had an IP in my block I was not using so I configured DNS to point to that IP. I configured NAT in my router to send requests on ports 80 and 443 to a new internal IP (i.e. 192.168.1.121). I configured my OS to include that IP on the existing NIC. In my case that was an ifconfig command. And finally, I setup Apache for IP based virtual hosting to answer on the xxx.xxx.xxx.121 address. It worked like a charm. You do have to have a unique public IP and a unique private IP to make this work. Also in Apache, you need two virutal hosts: one for port 80 and one for port 443. Good Luck Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.