.htaccess does not work

Discussion in 'Installation/Configuration' started by lifeisboost, May 17, 2007.

  1. lifeisboost

    lifeisboost New Member

    okay we built a new server i followed the fc5 install and followed the how too on moving the sites. but nw my .htaccess for authentication does not work. can some one please help this is urgent that i need this working. here is what is in my .htaccess file

    AuthName "Restricted area, please provide your login information."
    AuthType Basic
    AuthUserFile /home/www/web1/web/******/.htpasswd
    AuthGroupFile /dev/null


    i also had directorys limited by IP address. this does not work Either
     
    Last edited: May 17, 2007
    lifeisboost, May 17, 2007
    #1
  2. bschultz

    bschultz Member

    In the ISPConfig panel, you need to set the Apache Directive for each site to allow an .htaccess file like this:
    Keep in mind that the paths above are Debian Etch...you may need to change the path for your system. Also, it's a good idea to keep the password file out of the web root.
     
    bschultz, May 17, 2007
    #2
  3. lifeisboost

    lifeisboost New Member

    well this is what i have in my httpd.conf. do i still ned to add that into the site directvies of isp?

    <Directory /var/www/*/web>
    Options +Includes -Indexes
    AllowOverride Indexes AuthConfig Limit FileInfo
    AllowOverride Indexes AuthConfig Limit FileInfo
    Order allow,deny
    Allow from all
    <Files ~ "^\.ht">
    Deny from all
    </Files>
    </Directory>


    i have also tried this combo

    <Directory /var/www/*/web>
    Options +Includes -Indexes
    #AllowOverride Indexes AuthConfig Limit FileInfo
    #AllowOverride Indexes AuthConfig Limit FileInfo
    AllowOverride All
    Order allow,deny
    Allow from all
    <Files ~ "^\.ht">
    Deny from all
    </Files>
    </Directory>
     
    lifeisboost, May 17, 2007
    #3
  4. bschultz

    bschultz Member

    I think you need to have this:

    IN the .htaccess file...that way website viewers can't see the contents of the .htaccess file. When you put it in the http.conf file, I THINK that you are disabling the file.

    Don't hold me to this...but I think I'm right.
     
    bschultz, May 17, 2007
    #4
  5. Hans

    Hans Moderator ISPConfig Developer

    In your /etc/apache2/apache2.conf file you can disable/enable the global setting for using .htaccess files on your system.
    With these lines within /etc/apache2/apache2.conf these global settings are turned off.

    AccessFileName .htaccess

    <Files ~ "^\.ht">
    Order allow,deny
    Deny from all
    </Files>


    To make the use of .htaccess files possible for that particular site, you can add the following lines in ISPConfig within the Apache directives field of the website:

    <Directory "/var/www/webX/web">
    Options FollowSymLinks
    AllowOverride All
    </Directory>

    Exactly how bschultz mentioned before.

    For Authentication, you can create something like this:

    AuthType Basic
    AuthName "Members Only"
    AuthUserFile /var/www/www.example.com/.htpasswd
    <limit GET PUT POST>
    require valid-user
    </limit>
     
    Hans, May 17, 2007
    #5

Share This Page