htaccess , htpasswd and error 401

htaccess , htpasswd and error 401 - .htaccess files are extremely useful in many cases for users who either do not have root permissions or for users who simply aren't comfortable in making changes in their web server's configuration file. Trying to debug .htaccess not working isn't always the easiest thing to do, however, hopefully by checking the discuss below mentioned about htaccess, authentication, htpasswd, , .htaccess common problems as well as the troubleshooting tips, you'll have a better grasp on what you may have to modify to get your .htaccess file running smoothly.Problem :


I have a problem with htpasswd.



I get an error in error.log apache2




user admin: authentication failure for "/": Password Mismatch




Content of my htaccess file:



# Set Access Restrictions

AuthType Basic
AuthName "admin"
AuthUserFile ".htpasswd"
require valid-user


and content of my htpasswd



admin:xxxxx

Solution :

From your comment I take it that you just created a plain text password. This will not work for Apache, as Apache expects the password in .htpasswd to be hashed by the MD5 algorithm.



There are several tools available online for generating .htpasswd files, but the easiest might be the one that comes with Apache, it's called htpasswd. On RHEL (Fedora, Red Hat, CentOS) systems you'll need the httpd-tools package (yum install httpd-tools). On Ubuntu systems it's in the apache2-utils package (apt-get install apache2-utils). If you're using XAMPP on Windows it's in the folder xamppapachebin.



To use htpasswd with the .htaccess file you've already got configured, you'd simply do htpasswd /protected/.htpasswd user and then type in your desired password (twice) when prompted. It will then generate your .htpasswd file in the /protected/ directory.



Make sure that you are including the entire path for AuthUserFile. I would suggest that you create a protected directory instead of doing this on the root directory. I made sure and tested these configurations to ensure that they worked.



File Locations



/protected/.htaccess
/protected/.htpasswd


.htaccess File



AuthType Basic
AuthName "restricted area"
AuthUserFile /protected/.htpasswd
require valid-user


. htpasswd File



user:password


Make sure that the password is MD5'd, here is a tool.



Finally, I have not hash a password to md5 .... I've used notepad ++ and I put the password in simple character



I followed this tutorial with the linux command for create file htaccess



enter image description here



now my content of my htpasswd :



admin:$apr1$Oy4JMDb0$yb00PbzV9mrq07lPivrzL1

Additionally, if you would like to do some further testing, give the htaccess tester tool a try. It allows you to specify a certain URL as well as the rules you would like to include and then shows which rules were tested, which ones met the criteria, and which ones were executed.

Comments

Post a Comment

Popular posts from this blog

Rewrite in Mediawiki, remove index.php, .htaccess

Rewrite in Mediawiki, remove index.php, .htaccess - .htaccess  files are  extremely useful  in many cases for users who either do not have root permissions or for users who simply aren't comfortable in making changes in their web server's configuration file. Trying to debug  .htaccess not working isn't always the easiest thing to do, however, hopefully by checking the discuss below mentioned about apache, htaccess, redirects, 301-redirect, .htaccess  common problems as well as the troubleshooting tips, you'll have a better grasp on what you may have to modify to get your  .htaccess file running smoothly. Problem : I've just installed Mediawiki on Apache and I want the URL should be: localhost/Main_Page/ localhost/Special:Recent_Changes ... instead of: localhost/index.php/Main_Page/ localhost/index.php/Special:Recent_Changes I've tried many times and in many ways but it still doesn't work. Any suggest for a "exactly" what to do, st...
Read more

.htaccess rewrite wildcard folder paths from host

.htaccess rewrite wildcard folder paths from host - .htaccess  files are  extremely useful  in many cases for users who either do not have root permissions or for users who simply aren't comfortable in making changes in their web server's configuration file. Trying to debug  .htaccess not working isn't always the easiest thing to do, however, hopefully by checking the discuss below mentioned about htaccess, mod-rewrite, , , .htaccess  common problems as well as the troubleshooting tips, you'll have a better grasp on what you may have to modify to get your  .htaccess file running smoothly. Problem : My desired result is change a file to root / from a N number of paths. For example: www.host.com/a/b/c/e/f/g/images/1.jpg , where A~G is not always given. Result: www.host.com/images/1.jpg . This is what I have so far: www.host.com/a/images --> www.host.com/images using: RewriteRule ^a/images/$ images/$1 [L] . What I need is a wildcard in front of /i...
Read more

Using .htaccess to set a cookie and 301 redirect

Using .htaccess to set a cookie and 301 redirect - .htaccess  files are  extremely useful  in many cases for users who either do not have root permissions or for users who simply aren't comfortable in making changes in their web server's configuration file. Trying to debug  .htaccess not working isn't always the easiest thing to do, however, hopefully by checking the discuss below mentioned about htaccess, redirects, 301-redirect, mod-rewrite, .htaccess  common problems as well as the troubleshooting tips, you'll have a better grasp on what you may have to modify to get your  .htaccess file running smoothly. Problem : I currently have in my .htaccess : RewriteRule ^$ http://chfmaine.com/ [CO=moved:yes:chfmaine.com:1/,R=301,NE,NC,L] I was basing this off of this post . That's a lot more than I need but the setting of the cookie should be the same. Maybe I am misunderstanding the domain part of the cookie. If I set it to CHFmaine.com shouldn’t that ...
Read more