TurnKey Linux Virtual Appliance Library

.htaccess and .htpasswd files

BGilbers's picture
Hello All, Pardon me if this has been covered before but I went through the forum and didn't see this issue. I'm having trouble with simple authorization between a .htaccess file and the .htpasswd file I'm pointing it toward. I've tried various locations and permissions and It will not work in Firefox or Internet Explorer. I've read the Apache .htaccess until I'm blue in the face but it will not work for me. I have the .htaccess in the directory I want to protect and am pointing it to the .htpasswd file in a directory outside of joomla and It just will not authenticate. If I remove the .htaccess file the directory works fine and if I move the .htpasswd file to a different location I get an error indicating it is messed up. When everything is in place it just keeps returning to the authorization prompt in an endless loop. I wanted to use the Directory directive but I'm not sure which Apache config file to put it in (apache2.confg or httpd.confg) Anyone else run into this problem? Thanks in advance. Ben
Guest's picture

.htaccess files don't work

Spent most of the past week scouring for info as to why my .htaccess files don't work and how to get them to work.

The new server is running TKL 14.0 LAMP. The old server was TKL 12 LAMP. Matching everything to the old server DOES NOT WORK! Not sure if TKL 14.0 LAMP is broken or if something changed names. The old server reports Debian 8 Jesse, so I assume the core should be the same.

And of course, we're using the exact same files on the new server, in the same location, by the same user. The new server never even asks for the name and password. Already cleared cache. Old site still asks for name and password like it's supposed to.

Any ideas?

Jeremy Davis's picture

Sorry for slow response...

Between v13.0 and v14.0 there were numerous changes and security improvements. One of those was that the Apache default behaviour of the "AllowOverride" directive changed from "All" to "None".

To simply make your .htaccess file wokr again you'll need to explicitly set the "AllowOverride All" directive somewhere within your Apache config. If you are using a more-or-less default LAMP then you'll want to edit the default site (/etc/apache2/sites-available/000-default) to include that in the body (within the site declaration of that file). You'll need to restart Apache after that (service apache2 restart).

I hope that helps.

Post new comment

The content of this field is kept private and will not be shown publicly. If you have a Gravatar account, used to display your avatar.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <strike> <caption>

More information about formatting options

Leave this field empty. It's part of a security mechanism.
(Dear spammers: moderators are notified of all new posts. Spam is deleted immediately)