1

I have a site hosted on hostgator that I've set up with a directory to use htaccess/htpasswd for authentication. It's working fine but only for a user named test.

Here's the relevant htaccess

<filesMatch "(-priv)">
    AuthType Basic
    AuthName "Private Area"
    AuthUserFile /home/username/public_html/site/test/.htpasswd
    Require user test
</filesMatch>

and the htpasswd has 2 users

test:ovCvloB9kYgBQ
admin:RxvCRMqtdryys

I can log in using the test user but if I use any other name authentication fails. I can change the password for the test user and authentication reflects the change. The behavior is consistent across browsers and IPs.

Is there any way to debug this?

And before you say it, I know not to put the .htpasswd file above webroot, this is a test setup.

T. Markle
  • 897
  • 8
  • 15

1 Answers1

2

You have Require user test

Change to Require valid-user

Mitch Dempsey
  • 38,725
  • 6
  • 68
  • 74
  • Ah you're a flippin genius! But is there a way to see what Apache is doing? There weren't any log entries so I couldn't find out what was happening. +1 for the fix! – T. Markle Sep 27 '12 at 03:58
  • In this case, I dont think a lot would be of much use, since apache was doing exactly what it was instructed to do. – Mitch Dempsey Sep 27 '12 at 05:47