htpasswd coflicting with htaccess

Question

When I try to add AuthType my site does not work when I enter my password. Do you know what is wrong?

I am getting error 500. But without AuthType it works

AuthType Basic
AuthName "restricted area"
AuthUserFile .htpasswd
require valid-user

RewriteEngine On

RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule (.*) https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Options All -Indexes -MultiViews

RewriteCond %{DOCUMENT_ROOT}/$1.html -f [NC]
RewriteRule ^(.+?)/?$ $1\.html

RewriteCond %{REQUEST_URI} ^$1/index [NC]
RewriteRule ^ - [L]

RewriteRule ^en/ - [L]
RewriteRule ^pl/ - [L]

RewriteCond %{HTTP:Accept-Language} !^pl [NC]
RewriteCond %{REQUEST_URI} !^/assets [NC]
RewriteCond %{REQUEST_URI} !^/js [NC]
RewriteCond %{REQUEST_URI} !^/lib/sendmail.php [NC]
RewriteCond %{REQUEST_URI} !^/robots.txt [NC]
RewriteCond %{REQUEST_URI} !^/sitemap.xml [NC]
RewriteRule ^ /en%{REQUEST_URI} [L]

RewriteCond %{HTTP:Accept-Language} ^pl [NC]
RewriteCond %{REQUEST_URI} !^/assets [NC]
RewriteCond %{REQUEST_URI} !^/js [NC]
RewriteCond %{REQUEST_URI} !^/lib/sendmail.php [NC]
RewriteCond %{REQUEST_URI} !^/robots.txt [NC]
RewriteCond %{REQUEST_URI} !^/sitemap.xml [NC]
RewriteRule ^ /pl%{REQUEST_URI} [L]

Your question contradicts itself: first you say that adding `AuthType` breaks your site, then you state that "it works". Now what? — arkascha, Mar 08 '22 at 07:11
https://httpd.apache.org/docs/2.4/mod/mod_authn_file.html#authuserfile: _"[The] File-path [argument] is the path to the user file. If it is not absolute, it is treated as relative to the ServerRoot."_ - are you sure `AuthUserFile .htpasswd` is referring to the correct location? — CBroe, Mar 08 '22 at 07:28

score -1 · Answer 1 · answered Mar 08 '22 at 05:31

-1

Reference https://httpd.apache.org/docs/2.4/mod/mod_authn_core.html#authtype

AuthType can only be enclosed in a <Directory> statement, or in a .htaccess file. So you must specify a directory, like this:

<Directory "/www/htdocs">

    YOUR AUTH CONFIGURATION HERE

</Directory>

It is not allowed to have it like you did. If you want to protect your entire site with this, you can setup your <Directory> clause on the same directory as your DocumentRoot value.

answered Mar 08 '22 at 05:31

Nic3500

8,144
10
29
40

_"or in a .htaccess file"_ - I didn't see any indication that that would _not_ be the context of the question here. – CBroe Mar 08 '22 at 07:24
Enclode doesn't work in ".htaccess file" – debek Mar 08 '22 at 08:18
The context for AuthType does mention directory, .htaccess. – Nic3500 Mar 08 '22 at 15:20

htpasswd coflicting with htaccess

1 Answers1