发表新帖
发表新帖

htaccess doesn't work - always wrong password

前端 未结
关注
9 2322
盖世英雄少女心
盖世英雄少女心 2020-12-15 04:04

I am trying to password protect a directory, and have two files in the directory which should password protected it:

  • .htaccess
  • .htpasswd
<
相关标签:
9条回答
  • 你的背包
    2020-12-15 04:14

    I had the same problem. Turned out the issue was this line:

    Require user admin

    If you specify admin you can only access the directory with admin even if you have other users in the .htpasswd file.

    If you want to specify the users in the .htpasswd file, you can change the line to:

    Require valid-user

    0 讨论(0)
  • Happy的楠姐
    2020-12-15 04:16

    use 

    htpasswd -b .htpasswd admin admin

    to use the password from command line.

    0 讨论(0)
  • 野趣味
    2020-12-15 04:17

    There's a small chance you're seeing password protection from a parent folder, not the folder you expect.

    If your /etc/apache2/sites-enabled folder has only one file in it, check to see if it has a section for your sites folder, something like:

    <Directory /var/www/mysite.com>
   AllowOverride All
</Directory>

    otherwise, if it has a file for your site name, like:

    /etc/apache/sites-enabled/YOUR_SITE_NAME_HERE.conf

    edit that file instead, and make sure that there's an 

    AllowOverride All

    in there. That's the important part! If you want to only allow the minimum, specify:

    AllowOverride AuthConfig

    instead.

    0 讨论(0)
  • 闹比i
    2020-12-15 04:18

    I had the same issue.

    • The password should have specified encryption:

    CRYPT_STD_DES - Standard DES-based hash with a two character salt from the alphabet "./0-9A-Za-z".

    function standard_salt(){
$a = array_merge(range(0,9),range('a','z'),range('A','Z'));
return (string) $a[rand(0,count($a)-1)].$a[rand(0,count($a)-1)];
}

echo(crypt("admin",standard_salt()));

    example:

    admin:dsbU.we73eauE

    Onlione javascript encripter is also available.

    If it still does not work, take care of these:

    • use unix linebreaks
    • use correct AuthUserFile path, You can get it using: echo $_SERVER['DOCUMENT_ROOT'];
    • set file readable: chmod(".htpasswd",0644);
    0 讨论(0)
  • 逝去的感伤
    2020-12-15 04:23

    My problem was that I did not give an absolute path for the AuthFile line.

    0 讨论(0)
  • 心在旅途
    2020-12-15 04:38

    This problem is almost always because apache cannot read the .htpasswd file. There are four causes that come to mind:

    1. it isn't parsing the path correctly... how did you create the .htaccess file? Does it have unix line endings (versus say using Notepad in Windows?

    2. is the path correct? What does the following command (with the path update) show? ls -l /var/www/html/path/to/my/directory/.htpasswd

    3. does the web server have access to the file? chmod 644 and see if that solves the problem.

    4. it can't parse the .htpasswd file: in this case, you are using the crypt() encryption so it does seem you created the file on Linux and it is probably fine. Some types of encryption only work on certain platforms, if in doubt try switching to MD5.

    You may find helpful messages in the Apache error log.

    My money is on #3.

    0 讨论(0)
 看不清?
提交回复
热议问题