I'm trying to protect an older TYPO3 8.7 backend (/typo3) via an AuthType basic part in the normal TYPO3 .htaccess file. I always end up with internal server errors. Has anyone done this before? Is it possible that this could not wor with the symlinks?
I am puting this part of code on top of my .htaccess (before all the rwrite stuff starts):
SetEnvIf Request_URI ^.*/typo3.* require_auth=true
AuthType basic
AuthName "Admin Schutz"
AuthUserFile /usr/etc/.htpasswd
#Order Deny,Allow
#Deny from all
#Satisfy any
Require valid-user
Allow from env=!require_auth
Thanks for any hints!
Should work with:
AuthType basic
AuthName "Secret area!"
AuthUserFile /usr/etc/.htpasswd
require valid-user
Order deny,allow
Deny from all
Satisfy ANY
An internal server error is thrown, eg if your path to the AuthUserFile isn't correct.
Here i've written down my snippet for my personal public documentation: https://www.entwicklertools.de/snippet-sammlung/htaccess-snippets/passwortschutz-einrichten/
Assuming that your /usr/etc/.htpasswd
file is accessible and valid (created properly with htpasswd
command and chmoded to 644
) your sample should work for Apache 2.2
, but not in Apache 2.4
according to comments in this post . Literally in 2.4
it will work, but will require password also for your root domain.
There are two solutions. First is placing additional .htaccess
files in your typo3
directory with simple rule, ie as shown by @Naderio :
AuthType basic
AuthName "Secret area!"
AuthUserFile /usr/etc/.htpasswd
require valid-user
Order deny,allow
Deny from all
Satisfy ANY
However, if you created a typo3
symlink to sources as suggested in TYPO3's documentation and/or you don't want to require BasicAuth for all projects which uses the same sources, you can override these settings directly in VHOST configuration like (assuming that you have all your TYPO3 projects ie in /www/typo3/
folder:
<VirtualHost *:80>
ServerAdmin your@email.tld
DocumentRoot "/www/typo3/project-x.loc"
ServerName project-x.loc
# below your valid paths for log files...
# ErrorLog "logs/project-x.loc-error_log"
# CustomLog "logs/project-x.loc-access_log" common
<Directory "/www/typo3/project-x.loc">
Options Indexes FollowSymLinks ExecCGI Includes
AllowOverride All
Require all granted
</Directory>
<Directory "/www/typo3/project-x.loc/typo3">
AuthType basic
AuthName "Restricted in VHOST config!"
AuthUserFile /usr/etc/.htpasswd
require valid-user
Order deny,allow
Deny from all
Satisfy ANY
</Directory>
</VirtualHost>
Note: I'd check anyway if the path you are trying to use /usr/etc/
is accessible for Apache at all, maybe it will be better moving your .htpasswd
file somewhere closer to your www
structure like to folder /www/etc/
and fix the above rules accordingly?
Thanks to all replies.
finally we also did this in the vhost by the following code using the "location"-tag.
<Location /typo3/>
AuthType Basic
AuthName "Enter Password"
AuthUserFile /www_data/.htpasswd4xyz
Require valid-user
</Location>
In case you can't edit the vhost config, this line shoud work istead of your SetEnvIf in your .htaccess, intoo:
SetEnvIfNoCase Request_URI ^/typo3/$ require_auth=true
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.