[英]htaccess not finding .htpasswd file
I'm trying to password protect a directory on my site. 我正在尝试用密码保护我网站上的目录。 I can get the .htaccess working so that when I visit the directory a password prompt is shown, however when I put the correct credentials that I've stored within my .htpasswd file I am not granted access. 我可以使.htaccess正常工作,以便在我访问目录时显示密码提示,但是,当我将存储在.htpasswd文件中的正确凭据放入存储库时,则无权访问。 The password prompt just pops up again. 密码提示再次弹出。
I believe it's a problem with the path to the .htpasswd file in the .htaccess file. 我相信.htaccess文件中.htpasswd文件的路径存在问题。 I've checked my document root (_SERVER["DOCUMENT_ROOT"]) and it shows that the root is this: 我检查了我的文档根目录(_SERVER [“ DOCUMENT_ROOT”]),它表明根目录是这样的:
/var/www/vhosts/myurl.info/httpdocs
so my .htaccess looks like so: 所以我的.htaccess看起来像这样:
AuthName "Restricted Area"
AuthType Basic
AuthUserFile /var/www/vhosts/myurl.info/httpdocs/.htpasswd
AuthGroupFile /dev/null
require valid-user
I've put the .htpasswd in the root document folder (httpdocs). 我已将.htpasswd放在根文档文件夹(httpdocs)中。
Any ideas what I'm doing wrong? 有什么想法我做错了吗? Everything looks correct to me. 一切对我来说都是正确的。
If the path were invalid, you'd get a 500 error or something. 如果路径无效,则会出现500错误或类似错误。 Since the browser prompts for password, most likely the path is correct. 由于浏览器提示输入密码,因此路径很可能是正确的。 However You need to make sure you generated the htpasswd correctly. 但是,您需要确保正确生成了htpasswd。 Check this- http://www.htaccesstools.com/htpasswd-generator/ 检查此-http : //www.htaccesstools.com/htpasswd-generator/
Make sure the .htpasswd
is in the format of user:passwordhash
, where passwordhash
can be of the following types: 确保.htpasswd
格式为user:passwordhash
,其中passwordhash
可以为以下类型:
MD5
function, a bit similar to cryptographic hashing) MD5(使用MD5
函数的Apache特定算法,有点类似于加密哈希) .htpasswd
file) SHA1(每个密码只有一个可能的结果,因此,如果黑客设法获取.htpasswd
文件,则可能会反转产生的哈希值) Normally you will choose CRYPT
, but if you have a longer password consider MD5
or SHA1
. 通常,您会选择CRYPT
,但是如果您的密码较长,请考虑使用MD5
或SHA1
。 Never try to use plain text as it is not supported on Linux and is dangerous. 切勿尝试使用纯文本,因为Linux不支持纯文本,这很危险。
First try to remove line "AuthGroupFile /dev/null" - I don't specify it if not using group file... 首先尝试删除“ AuthGroupFile / dev / null”行-如果不使用组文件,则不指定行...
If it doesn't help - have a look in error.log of apache... it'll give you hints. 如果没有帮助,请查看apache的error.log ...它将为您提供提示。 Of post relevant part of the error.log here... 在error.log的此处发布相关部分...
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.