Reputation: 1970
Protect folder with password fails on localhost (under Apache and Windows)
I am trying to protect a folder from direct access with username and password on localhost under Apache webserver on Windows machine. According to this article, I've looked for DOCUMENT_ROOT value in phpinfo results and found the following: C:/Program Files/Apache Software Foundation/Apache2.2/htdocs.
Since my folder inside htdocs is called protected, I created the following htaccess file:
AuthType Basic
AuthName "restricted area"
AuthUserFile C:/Program Files/Apache Software Foundation/Apache2.2/htdocs/protected/.htpasswd
require valid-user
and the following .htpasswd (user:test, password: test)
test:teH0wLIpW0gyQ
But when I try to access the folder, I receive an "Internal Server Error". Looking on Apache error log, I found the following line:
[Thu Mar 13 22:00:15 2014] [alert] [client 127.0.0.1] C:/Program Files/Apache Software Foundation/Apache2.2/htdocs/protected/.htaccess: AuthUserFile takes 1-2 arguments, text file containing user IDs and passwords
What am I missing? I doesn't seem to be related to spaces in .htpasswd path, but something related to .htpasswd sintax. I would like to build something which can be used both on localhost and online.
UPDATE
Enclosing htpasswd path into inverted commas eliminates the error
AuthUserFile "C:/Program Files/Apache Software Foundation/Apache2.2/htdocs/protected/.htpasswd"
but unfortunately doesn't work (if I type user:test, password:test when required I receive a password mismatch error). See the following apache log:
[Thu Mar 13 22:26:43 2014] [error] [client 127.0.0.1] user test: authentication failure for "/protected/": Password Mismatch
Any ideas?
Upvotes: 0
Views: 6682
Answers (2)
Reputation: 1
If your in windows remember to make sure you can see file extensions. That screwed me up when creating my htaccess file and etc... was creating them as text file.
So just make sure to save as all files to kill off .txt extension.
Upvotes: 0
Reputation: 1970
Solved! Here the steps to configure Apache under windows to protect a folder with password (in this example I use "protected" as folder name and "htdocs" as location, but you can change them as you want):
- create folder "protected" under "htdocs"
- create .htaccess file inside "protected" containing the code below
- go to this password generator tool and create your user and password
- paste the obtained code to a .htpasswd file and put it inside "protected" folder
- create a index.html file and put it inside "protected" folder
- on your browser go to
http://localhost/protected/ - type username and password you've chosen
.htaccess
AuthType Basic
AuthName "restricted area"
AuthUserFile "C:/Program Files/Apache Software Foundation/Apache2.2/htdocs/protected/.htpasswd"
require valid-user
Hope it helps somebody.
Upvotes: 2
Related Questions
- .htaccess password protected folder goes to 404 page
- htaccess doesn't work - always wrong password
- password protect website with .htaccess and .htpasswd - error - "Could not open password file:"
- .htaccess password protection not working with ErrorDocument 401
- Protect only a directory with htpasswd
- htaccess password protect but not on localhost
- htaccess password protection not working
- .htaccess conflicts with protected directory (.htpasswd)
- problem protecting a directory using .htaccess
- .htaccess and .htpasswd to prevent access to folder problem