I want to restrict access to my site using Password Protection with .htaccess and .htpasswd, but since in the main directory a .htaccess file already exists it does not work straight away.
Could somebody explain how to maker it work together with existing .htaccess file.
My oxid shop version is CE 4.1.6_22740
Maybe there is a better way to ask for authentication to enter the website?
Hello there,
AuthType Basic
AuthName "My Protected Area"
AuthUserFile /path/to/.htpasswd
Require valid-user
should be the beginning of your .htaccess, of course you need to adapt the /path/to part …
[QUOTE=holgt;68424]Hello there,
AuthType Basic
AuthName "My Protected Area"
AuthUserFile /path/to/.htpasswd
Require valid-user
should be the beginning of your .htaccess, of course you need to adapt the /path/to part …[/QUOTE]
tested and it works great, thanks
there is a problem:
when this code is placed to .htaccess file, the apache mod_rewrite module stops working. is there any ways to make it work together?
AuthName "My Protected Area"
AuthUserFile /home/lithuania/domains/ to to /.htpasswd
Require valid-user
<IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{REQUEST_URI} !(/core/|/export/|/modules/|/out/|/setup/|/tmp/|/views/)
RewriteRule admin/test.php$ admin/test.php?mod_rewrite=1
RewriteCond %{REQUEST_URI} !(/admin/|/core/|/export/|/modules/|/out/|/setup/|/tmp/|/views/)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule !(.html|/|.jpg|.css|.pdf|.doc|.gif|.png|.js)$ %{REQUEST_URI}/ [R=301,L]
RewriteCond %{REQUEST_URI} !(/admin/|/core/|/export/|/modules/|/out/|/setup/|/tmp/|/views/)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule (.html|/)$ oxseo.php
</IfModule>
<FilesMatch “(EXCEPTION_LOG.txt|.log$|.tpl$)”>
order allow,deny
deny from all
</FilesMatch>
Options -Indexes
in your .htaccess you posted :
AuthType Basic
is missing, but this should throw an apache error.
Well depending on your configuration i might imagine that .htaccess is just completely ignored then …
When i am using this, all the mod_rewrite entries still work as they should.
AuthType Basic - is in my file, the whole code of .htaccess file looks like this. Is there something else missing? The authentification works, but apache mod_rewrite module stops working. The .htaccess file is in the main directory /public_htm.
AuthType Basic
AuthName "My Protected Area"
AuthUserFile /home/lithuania…/.htpasswd
Require valid-user
<IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{REQUEST_URI} !(/core/|/export/|/modules/|/out/|/setup/|/tmp/|/views/)
RewriteRule admin/test.php$ admin/test.php?mod_rewrite=1
RewriteCond %{REQUEST_URI} !(/admin/|/core/|/export/|/modules/|/out/|/setup/|/tmp/|/views/)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule !(.html|/|.jpg|.css|.pdf|.doc|.gif|.png|.js)$ %{REQUEST_URI}/ [R=301,L]
RewriteCond %{REQUEST_URI} !(/admin/|/core/|/export/|/modules/|/out/|/setup/|/tmp/|/views/)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule (.html|/)$ oxseo.php
</IfModule>
<FilesMatch “(EXCEPTION_LOG.txt|.log$|.tpl$)”>
order allow,deny
deny from all
</FilesMatch>
the oxid version OXID eShop CE 4.1.6_22740
Well i cannot see, why the Auth Block makes the mod_rewrite block fail.
Anyway if you remove it and the mod_rewrite block functions then, you might want to move the Auth Block to the apache vhost.conf …