0

I am attempting to lock a file out for me only (it's a log, and I don't want users to see it).

This is my .htpasswd:

foo:bar

And this is my .htaccess:

AuthUserFile /home/kapip/public_html/.htpasswd
AuthType Basic
AuthName "This is allowed for admin purposes only"

<Files "users.log">
  Require valid-user
</Files>

Even if I put in the correct password after the dialog, the dialog just flashes as if the request was sent, and then it pops up again. No matter what I put in, I can't see my file.

Some Specs

  • I'm on shared hosting
  • The .htpasswd, .htaccess, and log file are in the same directory
  • Even if i change users.log to users.txt, it still doesn't work
  • If I click "cancel" when it asks for credentials, it gives a 401 Response

Please help me! :(

  • Are you using cpanel or any other shared hosting panels? Although is not the best solution, you can use the password protect feature that will give you a hand with this kind of situations. – camilo_u Nov 28 '11 at 23:36
  • @Ken Check out [this meta post](http://meta.stackexchange.com/questions/7046/how-do-i-get-attention-for-my-old-unanswered-questions) for some advice on how to get more attention for an unanswered question. – Adam Lear Dec 13 '11 at 00:32

1 Answers1

2

Did you run htpasswd -c on your password file? It's normally a hash and not a plaintext password. Take a look at the htpasswd man page.

EDIT:

If you don't have shell access, you can create your htpasswd file using the htpasswd generator and the copy the file to your shared host. You should be able to use cPanel's FileManager.

One thing that I would suggest though: You should NOT put your htpasswd file in your public_html directory, people will be able to access it via http://your-domain/.htpasswd which is VERY BAD

Jon Lin
  • 142,182
  • 29
  • 220
  • 220