By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
455,722 Members | 1,227 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 455,722 IT Pros & Developers. It's quick & easy.

securing host username password

P: n/a
hi-

i am going through the process of password protecting a directory using
..htaccess and .htpasswd

i am experiencing difficulty. so my question is without making life
anymore difficult is if the webhost already has a password protected
directory option is this secure enough? i dont need password protection
at
the directory level and at the file level do i? i want to protect the
php_include files that will contain my $host $username $password.

here is what i did only so you dont think i am totaly crazy.

AuthUserFile /home/file_access/.htpasswd
AuthName EnterPassword
AuthType Basic

require usernamegoeshere

i put .htaccess in a directory like
publichtmlfolder/php_include
i put usernamegoeshere : encryptedstringgoeshere

i must be missing some little step. i uploaded ascii.
i just dont know. i am at a loss.
note: it isnt even displaying the EnterPassword in the password dialog.
It seems to be the password directory dialog for logging on to
ipowerweb.
The only thing i can say looks even partially right is when i type in
mydomainname/php_include i am prompted with the password dialog.

thanks. sorry for the confusion :-)
jim

Jul 17 '05 #1
Share this Question
Share on Google+
5 Replies


P: n/a
note: it isnt even displaying the EnterPassword in the password dialog.
It seems to be the password directory dialog for logging on to
ipowerweb.

thanks. sorry for the confusion :-)
jim


oops. yes it does display EnterPassword in the dialog.
just tried it under netscape instead of IE browser.
still no luck. maybe i will find a different site for generating
the encryption.

any suggestions are appreciated.

thanks.
Jul 17 '05 #2

P: n/a
hi-

i tried so hard at this tonight. i basically wasted my whole friday night
trying to get this to work and am not happy about it :-(

here is what i tried different (it should work $%#@!D )

i put this in a file named .htaccess

AuthUserFile /home/3rdshift/public_html/.htpasswd
AuthName EnterPassword
AuthType Basic
require user telzonking

i put this in a file named .htpasswd

telzonking : 95Mn1arkwMSyc

i upload them using ascii mode

..htaccess was placed in directory i want protected

..htpasswd got placed in my public_html folder

i must be cursed!!!!!!!!!!!!!!!!!!!!!!!!!!

thanks for any suggestions
jim
Jul 17 '05 #3

P: n/a
hi-

i read in a thread some advice to enable the appache error log
on the ipower webserver. i did this. it could take up to
24 hours.

i will be curious to see what it has to say.

later
Jul 17 '05 #4

P: n/a
"j-marvin" <cu******@service.boy> wrote in
news:Xn*************************@24.24.2.165:
hi-

i read in a thread some advice to enable the appache error log
on the ipower webserver. i did this. it could take up to
24 hours.

i will be curious to see what it has to say.

later


hi-

the error log at ipowerweb helped. that was good advice.

one of the things i did it didnt like was leave
spaces in my username : password.
i changed it to username:password and it works.

i also had trouble understanding a server path versus a
relative url path. i'd test my relative url paths and
they'd work but i needed to use a server path instead.
for instance /home/3rdshift/public_html/.htpasswd is
the same as <a href= "/.htpasswd"></a> but i couldnt
use href style relative paths in the .htaccess file.

i hope this explanation helps someone in the future.

so anyways it works now.
thanks,
jim

Jul 17 '05 #5

P: n/a
.oO(j-marvin)
i am going through the process of password protecting a directory using
.htaccess and .htpasswd

i am experiencing difficulty. so my question is without making life
anymore difficult is if the webhost already has a password protected
directory option is this secure enough? i dont need password protection
at
the directory level and at the file level do i? i want to protect the
php_include files that will contain my $host $username $password.


Why not simply put the includes outside of the document root? Then you
don't need HTTP authentication, because the files are not accessible
with HTTP.

Micha
Jul 17 '05 #6

This discussion thread is closed

Replies have been disabled for this discussion.