0

I am writing a htaccess file for Apache 2.4.

I have in the basic config the directives "AllowOverrideAll" and "Require all granted" and I want to restrict the access to a folder.

Then I create a .htaccess file in the folder. The file works if I set for example "Require all denied", but if I set "Require valid-user" I have a misconfiguration error.

For example, if I try the htaccess with this content

AuthType Basic
AuthName "Authentication Required"
Authuserfile "/etc/htpasswd/.htpasswd"
require all denied

works ("Forbidden: You don't have permission to access /TorGuard/ on this server.") but with this content

AuthType Basic
AuthName "Authentication Required"
AuthUserfile "/etc/htpasswd/.htpasswd"
require valid-user

I have an error ("Internal Server Error: The server encountered an internal error or misconfiguration and was unable to complete your request.")

In particular I am working on a QNAP and the htaccess is in the folder of the WEBUI of my application.

n3mo
  • 663
  • 8
  • 23
  • "Internal Server Error" is just a generic message for public display. You need to find real message in the Apache error log file (in Linux, it tends to be somewhere under `/var/log/httpd`). If it's some shared hosting you may have a control panel to see logs. – Álvaro González Jul 13 '17 at 15:02
  • You were right, the log explained everything. I had to activate it for this I could not see anything useful, the loglevel was too high, and the log file in QNAP was not in the standard directory. My mistake was simply that the .htpasswd did not exist. Really I knew that it did not exist, but I expected the same error with "require all denied". Probably if Apache see "all denied" or "all granted", it does not check the existence of the .htpasswd. Gracias Alvaro – n3mo Jul 14 '17 at 07:26

0 Answers0