htaccess给出500-内部服务器错误

Question

I am protecting a html file with htaccess and htpasswd. When I try accessing it, after putting both user and password, instead of loading the "index.html" file I get a "500 - Internal Server Error"

AuthName "Restricted Area" 
AuthType Basic 
AuthUserFile home/folder/index.html/.htpasswd 
AuthGroupFile /dev/null 
require valid-user

Any suggestions? Maybe something with the hosting service?

Answer 1

First of all, consult the error-log (usually located in /var/log/apache2/error.log ) to see the exact cause of the error.

If you do not have access to it, check the following:

• is this technique supported by the server? (ask your provider or admin)
• is AuthUserFile correct? It seems to be missing a slash and the directory is unusual. I would have suspected something like AuthUserFile /home/webuser/sitefolder/.htpasswd .
• change the group-file to AuthGroupFile None instead of pointing apache to read /dev/null . Think of /dev/null as a bottom-less trashcan. It's not easy to get anything from there and might be a reason for the server to fail trying.
• change the case of your require to Require valid-user . It needs to be a capital R.

To sum up:

AuthName "Restricted Area" 
AuthType Basic 
AuthUserFile /home/webuser/sitefolder/.htpasswd 
AuthGroupFile None
Require valid-user

For further info, I recommend http://httpd.apache.org/docs/ .

Answer 2

I know the question is a little old, but for those struggling to find the answer, make sure the path to AuthUserFile is correct and access to the .htpasswd file is set to 0655.

The file is being read by the user associated with the .htaccess file. If that user cannot execute it (ie if it's set to 644, etc.), the server cannot read the file to authenticate it and you get a permissions error, ie an Error 500.

Answer 3

Now this question is older still , but I thought I'd also chime in because I didn't find the solution that eventually worked for me anywhere. Besides, it is still unanswered.

I too was getting a 500 error on my password .htaccess, and according to the error log, it was due to an "AuthName takes one argument" problem. After pounding my head against this for way too long, I finally noticed I had "curly" quotes around the AuthName, as opposed to the correct straight quotes. I replaced these, confident that I had fixed my issue.

Still, 500. Nearly threw my laptop out the window. At this point my code looked like this:

# PW PROTECT INT DIRECTORY
AuthType Basic
AuthName "Login"
AuthUserFile /home/mywebsite/mywebsite.com/reports/int/.htpasswd
require valid-user

Six ways till Sunday later, as a desperate hail Mary, I removed a comment I had diligently included at the very top of the file (gotta include those comments). That did it, 500 resolved. Finally.

I can't speak to why this was parsed as an AuthName problem in the error logs, but I think my problem all came down to trying to copy/paste the code through a less-than-ideal "plain text" editor (in this case, Apple's TextEdit, which was also responsible for those cute curly quotes, present even in plain text mode). This is an error I'll not be repeating.

I don't know if the "#" hash character is somehow goofy in TextEdit, or if there's some issue with line 1 being a comment, amounting to a blank line (not seen that anywhere), but removing the comment line did it (if anyone knows why, I'd love to hear it).