[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: RE: [cobalt-users] htaccess on RAQ3

Subject: Subject: RE: [cobalt-users] htaccess on RAQ3
From: "Steve Bassi" <steve@xxxxxxxxx>
Date: Sun Jul 29 02:40:03 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

>Message: 15
>From: "Graham Nichols" <graham@xxxxxxxxxxxxxxxxxxxxx>
>To: <cobalt-users@xxxxxxxxxxxxxxx>
>Date: Sun, 29 Jul 2001 10:23:00 +0100
>Subject: [cobalt-users] htaccess on RAQ3
>Reply-To: cobalt-users@xxxxxxxxxxxxxxx

>Hi,

>I'm having trouble getting my htaccess to perform correctly.  I have a
>htaccess file in the directory which I wish to protect with the following
>entries:

>AuthUserFile /users
>AuthGroupFile /dev/null
>AuthName "Authorised User's Only"
>AuthType Basic
>require bill

>my users file in the '/' directory was created with

>htpasswd -c users graham

>and I inputted the password twice as requested.   The users files had its
>permissions set with

>chmod a+rx users

>When I enter the directory which requires protection via my web client (MS
>Explorer 5.5) it asks for the user name and password as requested.
Inputting
>the correct user name and password has no effect, and after the third
>attempt it returns the 'no authorisation' error page.

>What am I doing wrong please?   Is the user 'graham' also required to be a
>valid linux login user?

>kind regards,


>Graham Nichols.


Hi,

Hope this helps

1. ssh in, and login as the User
2. Navigate to the directory you want to password protect.
3. Create the .htaccess file, it should contain the following lines:


# Access file
order allow,deny
allow from all
AuthGroupFile /dev/null
Authname "enter message you want people to see"
AuthPAM_Enabled off
Authtype Basic
AuthUserFile /home/sites/www.yoursite.com/directory/.htpasswd

<LIMIT GET POST>
require valid-user
</LIMIT>

Replace directory in last line as appropriate.


4. Now you must create the .htpasswd file using the htpasswd tool.
(Do not put this file in a web directory)

a. cd  /home/sites/www.yoursite.com/directory

a. Type the following command to create the file and add a user:


/usr/sbin/htpasswd -c .htpasswd username

b. You will be prompted for the users' password twice.

5. If you need to add additional users to the file, use the command above
without the -c.

You can also use -m option to create md5 passwords for added secuirty

I believe as well on the RAQ you should be able to change the name of the
htpasswd file, so that its not so easy for others to find.

AuthUserFile /home/sites/www.yoursite.com/directory/.whatever

and /usr/sbin/htpasswd -c .whatever username

One final thing you may also like to do is

Create the following  .htaccess file.

      <Files ~ "\.htaccess$">
      order deny,allow
      deny from all
      </Files>

Save the file, upload it in ASCII-Mode to your Webroot-directory and set
permissions to 644.

In this way no one  will be able to view the .htaccess file .

Rgds

Bassi

Follow-Ups:
- Re: Subject: RE: [cobalt-users] htaccess on RAQ3
  - From: Steve Werby

Prev by Date: RE: [cobalt-users] [cobalt-users]RaQ4R Credit Card Payments
Next by Date: [cobalt-users] (no subject)
Previous by thread: [cobalt-users] trying to RESTART server and I get this...
Next by thread: Re: Subject: RE: [cobalt-users] htaccess on RAQ3

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index