Password Protected Directories Problem

Discussion in 'General' started by Median, Feb 3, 2006.

  1. Median

    Median New Member

    Told you I'd be back :D

    I am trying to password protect a dirctory on one of my ISPConfig sites.

    When I try and access a page within that directory I should be prevented from accessing it until I put in a username and password. What actually happens is the the page just opens normally.

    I followed the Perfect Setup - Fedora Core 4 and installed ISPConfig. Any errors that were encountered were fixed and everything seems to work perfectly.

    I then installed osCOmmerce on one of my vhosts. Unfortunately this lovely piece of software won't run under php 5. So....

    I uninstalled php 5 using
    Code:
    yum remove php
    and installed php 4 using the rpms. This has fixed the problem with osCommerce which has installed and is running fine.

    I then went into ISPConfig as the admin for that site, opened the site with the webFTP program, clicked on the relevant folder, clicked on the protect directory button and entered the username and password. No errors were encountered with this, but as I said at the start, when I try and access a page within that directory the page just opens normally.

    Any suggestions as to were I start looking to fix this please?

    Thanks a lot
     
  2. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    Can you see an .htaccess file in that directory? (Use
    Code:
    ls -l[B][COLOR="Red"]a[/COLOR][/B]
    to look at the contents of that directory on the command line.) What's in it?
     
  3. Median

    Median New Member

    Both .htaccess and .htpasswd are there along with the php files I want protected.
     
  4. Median

    Median New Member

    Just checked in .htaccess and this
    Code:
    # Fix certain PHP values
    # (commented out by default to prevent errors occuring on certain
    # servers)
    #
    #<IfModule mod_php4.c>
    #  php_value session.use_trans_sid 0
    #  php_value register_globals on
    #</IfModule>
    appears. I am using php4. Do I need to uncomment these lines?

    .htpasswd (edited for security) contains
    Code:
    username:JKe47yT4pl9B0
     
  5. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    I'm quite surprised where this comes from. Did you somehow replace the .htaccess file created by ISPConfig? Because it should rather look like this:
    Code:
    AuthType Basic
    AuthName "Passwortgeschützter Bereich"
    AuthUserFile [I]/path/to[/I]/.htpasswd
    require user [I]username[/I]
     
  6. Median

    Median New Member

    All I have done is created the site within ISPConfig and installed osCommerce. Maybe that is where it came from.

    In full, .htaccess is:
    Code:
    # $Id: .htaccess,v 1.1 2003/06/20 00:18:30 hpdl Exp $
    #
    # This is used with Apache WebServers
    #
    # For this to work, you must include the parameter 'Options' to
    # the AllowOverride configuration
    #
    # Example:
    #
    # <Directory "/usr/local/apache/htdocs">
    #   AllowOverride Options
    # </Directory>
    #
    # 'All' with also work. (This configuration is in the
    # apache/conf/httpd.conf file)
    
    # The following makes adjustments to the SSL protocol for Internet
    # Explorer browsers
    
    <IfModule mod_setenvif.c>
      <IfDefine SSL>
        SetEnvIf User-Agent ".*MSIE.*" \
                 nokeepalive ssl-unclean-shutdown \
                 downgrade-1.0 force-response-1.0
      </IfDefine>
    </IfModule>
    
    # If Search Engine Friendly URLs do not work, try enabling the
    # following Apache configuration parameter
    #
    # AcceptPathInfo On
    
    # Fix certain PHP values
    # (commented out by default to prevent errors occuring on certain
    # servers)
    #
    #<IfModule mod_php4.c>
    #  php_value session.use_trans_sid 0
    #  php_value register_globals 1
    #</IfModule>
    
    After I set up osCommerce I then tried to activate the protected directory in ISPConfig and discovered the problem.

    Assuming (and I don't know for sure) this is an important part of the osCommerce setup, how would I modify it to make it work as I want it to?

    This is the first of at least 3 osCommerce sites I need to set up for myself so it would be great to get it sorted.

    Incidentally, I notice a few people around the forums having problems with osCommerce. Once everything is sorted I'll try and put together a 'How-To' if you think it will help.

    Thanks.
     
  7. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    You can not use the ISPConfig password protection feature when you install a software that uses .htaccess files too, like oscommerce.

    Instead of using the password protect feature from 42go you will have to modify the .htaccess manually and add a section like the one falko posted above:

    Code:
    AuthType Basic
    AuthName "Passwortgeschützter Bereich"
    AuthUserFile /path/to/.htpasswd
    require user username
    then make add the users that shall have access to your site with the "htpasswd" commandline utility.
     
  8. Median

    Median New Member

    That's fixed it.

    Many thanks for you help and patience guys :)
     

Share This Page