Silverstripe BasicAuth::protect_entire_site loops on Plesk Server

Question

We have moved some Silverstripe websites from AWS to a Plesk environment (requested by client).

One of the sites is a test website protected by this code:

BasicAuth::protect_entire_site(true, 'ACCESS_TEST_SITE');

Visiting the test website in the AWS environment would result in a HTTP authentication box popping up in the browser. Entering a valid admin username/ password would then allow access to the website.

In the Plesk environment the HTTP authentication box pops up, but entering in a valid admin username/ password results in it popping up again and again.

I'm guessing that some configuration in Plesk is causing this loop but I don't know where to start looking.

Has anyone run into this issue before/ found a solution?

Can you share what is in domain's error logs? Should be located in /var/www/vhosts/system/yourdomain/logs/ — Elvis Plesky, Nov 07 '17 at 03:23
Does the site work, when you disable `BasicAuth`. It might be another, unrelated error causing this behaviour. — wmk, Nov 08 '17 at 06:47

score 1 · Accepted Answer · answered Nov 07 '17 at 04:00

In Plesk there is no need to use a code to force authentication: instead, Plesk offers Password-Protected Directories option:

open Domains > your domain > Password-Protected Directories > click Add Protected Directory.

Leave directory name as / in order to force authentication page for the main domain's page.

To add a certain user/users+passwords, click Add User in Domains > your domain > Password-Protected Directories > open your newly created directory

This way the code to force authentication is not required.

Silverstripe BasicAuth::protect_entire_site loops on Plesk Server

1 Answers1