Free Web Hosting Forum
(#1)
Old
Skiilz Skiilz is offline
Junior Member
Skiilz is on a distinguished road
 
Posts: 26
Join Date: Oct 2009
Default Question about .htaccess - 10-17-2009, 10:50 PM

Is possible to add the .htaccess file and .htpasswd file into my site?
I want to protect my admin folder from another people.
Also what is the path for the non-public folder? (I want to add the .htpasswd there)
The code I would use for .htaccess is this one:
Code:
AuthName "Restricted Area" 
AuthType Basic 
AuthUserFile (NON-PUBLIC PATH)
AuthGroupFile /dev/null 
require valid-user
The code I would use for .htpasswd is this one:
Code:
FORUMS NAME:PASSWORD ENCRYPTED
Generated by this site: http://tools.dynamicdrive.com/password/

If there is any problem tell me and I won't add it.
Thanks for the information.
Reply With Quote
(#2)
Old
sizzlefire's Avatar
sizzlefire sizzlefire is offline
Administrator
sizzlefire is on a distinguished road
 
Posts: 4,531
Join Date: Apr 2008
Send a message via AIM to sizzlefire Send a message via MSN to sizzlefire Send a message via Yahoo to sizzlefire Send a message via Skype™ to sizzlefire
Default 10-18-2009, 02:12 PM

There shouldn't be a problem with using that.
Reply With Quote
(#3)
Old
Skiilz Skiilz is offline
Junior Member
Skiilz is on a distinguished road
 
Posts: 26
Join Date: Oct 2009
Default 10-18-2009, 02:16 PM

Ok.
I got this error when I type the password:
Code:
Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, cpanel@hosting24.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
I put the .htpasswd into the non-public path and the htaccess into the folder I want to protect.
And set the .htaccess with these configuration:
Code:
AuthName "Restricted Area" 
AuthType Basic 
AuthUserFile .htpasswd 
AuthGroupFile /dev/null 
require valid-user
This path is correct for the non-public folder?
Code:
AuthUserFile .htpasswd

Last edited by Skiilz; 10-18-2009 at 02:36 PM.
Reply With Quote
(#4)
Old
sizzlefire's Avatar
sizzlefire sizzlefire is offline
Administrator
sizzlefire is on a distinguished road
 
Posts: 4,531
Join Date: Apr 2008
Send a message via AIM to sizzlefire Send a message via MSN to sizzlefire Send a message via Yahoo to sizzlefire Send a message via Skype™ to sizzlefire
Default 10-18-2009, 10:08 PM

There is a function to do exactly this in your cPanel, its called "Password Protect Directories" you may want to use that.
Reply With Quote
(#5)
Old
Skiilz Skiilz is offline
Junior Member
Skiilz is on a distinguished road
 
Posts: 26
Join Date: Oct 2009
Default 10-19-2009, 04:24 PM

It only protect the directory and there is a index.php there.
index.php is the admin dashboard. When I type admindirectory/index.php it wont protect the access to this page.
Thats why I'm trying to use the .htaccess and .htpasswd.

Last edited by Skiilz; 10-19-2009 at 04:27 PM.
Reply With Quote
(#6)
Old
Kurisan Kurisan is offline
Junior Member
Kurisan is on a distinguished road
 
Posts: 26
Join Date: Oct 2009
Default 10-22-2009, 09:20 AM

Quote:
Originally Posted by Skiilz View Post
It only protect the directory and there is a index.php there.
index.php is the admin dashboard. When I type admindirectory/index.php it wont protect the access to this page.
Thats why I'm trying to use the .htaccess and .htpasswd.
If you had tried what sizzlefire recommended you would have found that the .htaccess and .htpasswd files are created for you in the directory selected for protection and they do not need further manipulation/alteration. Staying with your example: if you follow the lead given and somebody then tried to access the file ../admindirectory/index.php (or more precisely *any* file in admindirectory) a prompt for login and password would appear.

If you *did* follow it correctly so far and it still appears to you that there is no protection present, then you should note that once given the login is of course valid until the connection/session refreshes/expires. So if you want to check it out you have to refresh or completely close and restart your browser before trying to access the page again (whatever is needed depending on your browser and security settings).

Kurisan =^..^=
... thank you for choosing 000webhost.com!
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



Powered by vBulletin® Version 3.8.2
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
vBulletin Skin developed by: vBStyles.com