neophil Posted November 8, 2008 Share Posted November 8, 2008 I'm new to *nix and apache so hopefully this is the right place to post this rather simple question. I keep getting forbidden errors with browser (http) access. The logon user and password popup appears but it comes up forbidden. The directory attributes are 755 , I tried 711 as well. and here is the htaccess. the group and pswd files are ok. file:htacess----------- # -FrontPage- Options None <Limit GET POST> order deny,allow deny from all allow from all require group authors administrators </Limit> <Limit PUT DELETE> order deny,allow deny from all </Limit> AuthType Basic AuthName [sitename.com] AuthUserFile [path]/_vti_pvt/service.pwd AuthGroupFile [path]/_vti_pvt/service.grp file:[path]/_vti_pvt/service.grp-------- administrators: loginname authors: file:[path]/_vti_pvt/service.pwd-------- # -FrontPage- loginname:[encrypted password] Link to comment Share on other sites More sharing options...
Lechio Posted November 8, 2008 Share Posted November 8, 2008 In general, you should never use .htaccess files unless you don't have access to the main server configuration file. There is, for example, a prevailing misconception that user authentication should always be done in .htaccess files. This is simply not the case. You can put user authentication configurations in the main server configuration, and this is, in fact, the preferred way to do things. http://httpd.apache.org/docs/2.2/howto/htaccess.html Link to comment Share on other sites More sharing options...
neophil Posted November 8, 2008 Author Share Posted November 8, 2008 http://httpd.apache.org/docs/2.2/howto/htaccess.html I read that long ago in researching this problem. I took that to mean it was not applicable to a hosted website. Like I mentioned I'm not experienced with this. So I am guessing at some of the goings on. How would I access the server config files and how are changes implemented when the docs you reference say the configuration is set on Apache startup. I'd like to manage my website without frontpage or at least knowing what frontpage is doing, but I haven't found a good tutorial on the web yet. Does anyone know why I am having problems stated in my original post? Thanks for replying. Phil Link to comment Share on other sites More sharing options...
Lechio Posted November 8, 2008 Share Posted November 8, 2008 I read that long ago in researching this problem. I took that to mean it was not applicable to a hosted website. Like I mentioned I'm not experienced with this. So I am guessing at some of the goings on. How would I access the server config files and how are changes implemented when the docs you reference say the configuration is set on Apache startup.I'd like to manage my website without frontpage or at least knowing what frontpage is doing, but I haven't found a good tutorial on the web yet. Does anyone know why I am having problems stated in my original post? Thanks for replying. Phil Clarify this if you could. The server you are setting up is a server you have administrative access to? The global configuration files are located in "/etc/apache2" if you use apache 2 and "/etc/apache" if you use apache 1.x. "apache2.conf" and "httpd.conf" are the files to edit. Link to comment Share on other sites More sharing options...
neophil Posted November 9, 2008 Author Share Posted November 9, 2008 Clarify this if you could. The server you are setting up is a server you have administrative access to? no no, I am not the host. My ISP is hosting my site with apache so I don't have access to the server, only my hosted site. I don't know why I can access any folder via http (GET) until I insert this .htaccess file. the page asks for username/password and it should authenticate me with the 'Require directive' and allow me the GET. I'm at a loss. The docs for these directives say first deny all then allow all with all being the default which require sets the authentication files that have th group and password info. I'm dumb. If I had server access maybe I could check the error logs. I asked my ISP but haven't heard yet. Link to comment Share on other sites More sharing options...
Lechio Posted November 9, 2008 Share Posted November 9, 2008 So it denies access via http? OK... Do you have the "index.html" ("index.php" or other index file with some other termination) file on that directory that you are trying to access? Cause if it asks you for the username and password via http is due to the simple reason that the server doesn't allow directory listing. To change the contents of your site use ftp. You have an ftp account don't you? Regards. Link to comment Share on other sites More sharing options...
neophil Posted November 9, 2008 Author Share Posted November 9, 2008 Options None aaaahhhh. This is the problem. This directive also denies 'IndexDir' option which allows the directory listing. delete it for default of 'all' and it lists the directory. Maybe this info will help some other future tinkerer like me. Thanks for trying to help, LechioPT Phil Link to comment Share on other sites More sharing options...
Recommended Posts