Protecting a directory using .htaccess and .htpasswd

Question

I want to protect an admin folder in my PHP web site from other people. I created two files .htaccess and .htpasswd, but when I enter to the index page on this folder it doesn't show me that dialog where I have to enter the username and the password, here are the content of the files :

The .htpasswd file :

mateo21:$1$MEqT//cb$hAVid.qmmSGFW/wDlIfQ81
ptipilou:$1$/lgP8dYa$sQNXcCP47KhP1sneRIZoO0
djfox:$1$lT7nqnsg$cVtoPfe0IgrjES7Ushmoy.
vincent:$1$h4oVHp3O$X7Ejpn.uuOhJRkT3qnw3i0

The .htaccess file :

AuthName "Page d'administration protégée"
AuthType Basic
AuthUserFile "/var/www/sec/.htpasswd"
Require valid-user

I'm running Linux ubuntu and apache.

uh, you probably don't want to post your password hashes – Jon Lin Aug 16 '13 at 21:48 — Jon Lin, Aug 16 '13 at 21:48
@JonLin the web site isn't online it's on my computer. – Aimad Majdou Aug 16 '13 at 21:51 — Aimad Majdou, Aug 16 '13 at 21:51

score 1 · Answer 1 · answered Aug 16 '13 at 21:49

1

You need to deny everything first. Try:

Order Deny,Allow
Deny from all

AuthName "Page d'administration protégée"
AuthType Basic
AuthUserFile "/var/www/sec/.htpasswd"
Require valid-user

answered Aug 16 '13 at 21:49

Jon Lin

142,182
29
220
220

rdgd · Answer 2 · 2013-08-17T00:04:44.357

0

If what @Jon Lin said doesn't work, then make sure you have

AllowOverride AuthConfig

in your /etc/httpd/httpd.conf file

If you can't find your configuration file, then try searching for it in terminal...

locate "httpd.conf"

Or

find /etc/ -name "httpd.conf"

edited Aug 17 '13 at 00:04

answered Aug 16 '13 at 21:54

rdgd

1,451
2
18
33

I can't find that file anywhere – Aimad Majdou Aug 16 '13 at 22:12

Protecting a directory using .htaccess and .htpasswd

2 Answers2