htaccess, htpasswd setup - help!

J

jasonbarak

Registered
I have been trying to setup htaccess for some time now. I've read all threads on this website and even on Apple's site, but there are many conflicting listings.

I'm currently using OSX 10.1.4 and this is what I found - all advice welcome:

1. even after making edits to the httpd.conf file to change the line "AllowOverride None" to "AllowOverride All" or "AllowOverride AuthConfig" and restarting Apache, htaccess did not work. I changed the location of the .htpasswd file and no luck. I recreated the .ht files while I was logged in as root, no luck. The web pages loaded, but no login check was asked for.

2. I then reverted my http.conf file back to pre-htaccess attempts and then removed all the .htaccess and .htpasswd files I made.

Then using advise I had read, I made edits to my username.conf file in the <b>/etc/httpd/users/</b> directory. The edits to this file seem to add the lines usually found in an .htaccess file. I also created a new htpasswd file.

Here are the lines from the username.conf file:

&lt;Directory "/Users/username/Sites/directory/subdirectory/"&gt;
AuthType Basic
AuthName "Need Access Name"
AuthUserFile "/Users/username/.htpasswd"
Require valid-user
Options -Indexes
AllowOverride None
Order allow,deny
Allow from all
&lt;/Directory&gt;


Now when I typed in my url: <b>XXX.XX.XX.X/~username/directory/subdirectory</b>, I was presented with pop-up access window. Great. Access granted.

This was great and all, but I'd rather use a .htaccess file. Any advice? Is the username.conf file overriding any .htaccess file that might exist?

3. Continuing on, I also use dnydns and virtual name hosting. So, the next step was to check the access with my url: <b>myweb.dyndns.org/directory</b> and no dice. The index file loaded, but no username or password was asked for. So it seems that Apache is not checking the access when a virtual host name is used.

I realize that the above is a bit thin in details, but anyone who knows about this subject can surely understand where I'm going. Any advice with this matter would be of great help.

------
 
Is it possible to setup the web server so you don't have to type the ip then the user directory? As in: xxx.xxx.xxx.xxx insteac of xxx.xxx.xxx.xxx/~joeuser/directory/sub-direct.

Also I have been trying to setup the web server but for some reason I can't even create the htpasswd file.

...and I know what you mean about conflicting posts. I find there are a few people who like to post answers to questions when they are not fully sure of the correct way to do something and it seems like they are just guess. Is this the norm for the forums?
 
Originally posted by bossa nova
...and I know what you mean about conflicting posts. I find there are a few people who like to post answers to questions when they are not fully sure of the correct way to do something and it seems like they are just guess. Is this the norm for the forums?
Click to expand...
This is the norm for life. Lots of people give you advice when they're not sure of something. :)

Frequently on the forums I'll try to answer questions that I am not 100% sure of. I usually go for the questions that I have a reasonable intuition on. The reason is that I learn very quickly how to do things if I am helping someone else do it. Expansion of personal knowledge.

And while I am doing this, I am doing an analysis of the problem in question, telling the person I am corresponding with what to do and looking at the results. This tends to help those people understand some ways to diagnose future problems a lot more than just "Here's the answer" kind of replies. So it's mutually beneficial.

I worked for about 5 years as a lab assistant in the community college computer lab. I started just telling people "This is how you fix that problem" and I noticed that those same people had problems again and again and again. I walked others through the whole problem solving steps, and those people tended to ask fewer questions down the road. I even overheard some of them helping other students. I don't think that the ones who progressed faster were smarter on average than the first group, just the teaching style was more comprehensive. This is obvious if you take lower level computer science courses (maybe others ;) but this is my experience). The professors don't say "OK, to use a stack you define a variable as CStack" (or whatever). They make you write your own stack class so you understand how it works.

I guess this could all be boiled down to the "Teach a man to fish" quote. But one thing that I almost forgot to mention: When I am not sure about something, I'll say so. I'd like to say that everyone else does the same, but that would be a lie.

Anyway, sorry for the rambling post, and sorry I have nothing to contribute to the htaccess question...
 
No apology needed. I appreciate your feedback. And yes I see the logic to what you are saying. Learning to fish and catching your own fish is way better then having someone toss a trout that's already cooked on your plate. :)
 
Your .htaccess should look like this...

  • AuthUserFile /path/to/.htpasswd
    AuthGroupFile /dev/null
    AuthName "Access Name Here"
    AuthType Basic

    < Limit GET POST >
    require valid-user
    < /Limit >

I have apache set to..

  • Allowoverride All

Hope this helps.
 
You must log in or register to reply here.
Back
Top