You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Darren <ba...@crotchett.com> on 2001/12/08 22:22:45 UTC
.htaccess being ignored
I have thoroughly searched the FAQ's, docs, google and various articles
trying to figure out why my .htaccess file continues to be ignored. From
what I can gather, the most common error seems to be 1) not having
AllowOverride set to All or AuthConfig 2)not having the path to the
.htaccess file included in one of the <Directory> containers 3) not having
AccessFileName set to .htaccess or 4)permissions incorrectly set. But, I've
played with these for several hours and cannot seem to stumble on the
correct combination of settings.
I am using apache-1.3.22_4 on FreeBSD 4.4-RELEASE. And, here is what I have
tried.
First of all, I created my password file with htpasswd -c
/usr/local/etc/apache/users. I verified that the file contained the user
name and encrypted password. My DocumentRoot is set to
"/usr/local/www/htdocs/". So, I created a subdirectory called private in
/usr/local/www/htdocs/. Then, I created my .htaccess file and put it in
that directory (/usr/local/www/htdocs/private/.htaccess). The .htaccess
file contains the following:
AuthName "private matters"
AuthType Basic
AuthUserFile /usr/local/etc/apache/users
AllowOveride AuthConfig
# Satisfy All
<limit POST>
require valid-user
</limit>
The parts of httpd.conf that I think are relevant for anyone helping me
troubleshoot are:
<Directory "/usr/local/www/htdocs/private">
AllowOverride none
</Directory>
AccessFileName .htaccess
Note that I do restart apache with "httpd restart" between httpd.conf edits.
I have played with the permissions. They are currently set to:
fbsd# ls -ltr /usr/local/www/htdocs/private/.htaccess httpd.conf users
-rw-r----- 1 nobody nogroup 22 Dec 6 22:13 users
-rw-r--r-- 1 nobody nogroup 168 Dec 8 12:34
/usr/local/www/htdocs/private/.htaccess
-rw------- 1 nobody nogroup 7843 Dec 8 13:07 httpd.conf
The only thing that I may not have completely or adequately addressed is the
permission thing. Even though I have:
User nobody
Group nogroup
set in httpd.conf, a quick check of the /etc/group file didn't have any
references to apache. So, I edited it. But, I wasn't sure exactly how to
reference apache properly. So, I took the shotgun approach. The relevant
part of /etc/group looks lik this:
nogroup:*:65533:apache:httpd:http
nobody:*:65534:apache:httpd:http
I didn't want to reboot. But, I wasn't too sure how make sure that edits
to my /etc/group file had been recognized. So, I restarted apache again (I
figured that was like logging out and back in). So, I'm thinking that
although apache is asking to be recognized as user nobody and part of
nogroup, it is possible that the kernel isn't allowing it. Pardon my
ignorance on this.
I really can't think of any else to try. I would appreciate it if anyone
could either point me to the documentation that I have obviously been
overlooking, or making some other suggestions.
TIA,
Darren
PS It might be worthwhile to note that I have edited the appropriate
files many many times. The references that I am making to them in this
email are with respect to how they are currently set.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: .htaccess being ignored
Posted by Darren <ba...@crotchett.com>.
See www.crotchett.com/private
Darren
----- Original Message -----
From: "Joshua Slive" <jo...@slive.ca>
To: <us...@httpd.apache.org>
Sent: Saturday, December 08, 2001 10:50 PM
Subject: Re: .htaccess being ignored
>
> On Sat, 8 Dec 2001, Darren wrote:
> >
> > DocumentRoot "/usr/local/www/htdocs/"
> > <Directory "/usr/local/www/htdocs/private">
> > AllowOverride All
> > AuthName "private matters"
> > AuthType Basic
> > AuthUserFile /usr/local/etc/apache/users
> > </Directory>
>
> You don't need the .htaccess file at all. Just add "require valid-user"
> to the directory block above and restart the server.
>
> Joshua.
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: .htaccess being ignored
Posted by Darren <ba...@crotchett.com>.
Thanks. Thanks. Thanks. See my other post (to Lawrence) for what I was
doing wrong. I'm the retarded guy.
It is so awesome when things finally click.
Sigh of relief.
Darren
----- Original Message -----
From: "Joshua Slive" <jo...@slive.ca>
To: <us...@httpd.apache.org>
Sent: Saturday, December 08, 2001 10:50 PM
Subject: Re: .htaccess being ignored
>
> On Sat, 8 Dec 2001, Darren wrote:
> >
> > DocumentRoot "/usr/local/www/htdocs/"
> > <Directory "/usr/local/www/htdocs/private">
> > AllowOverride All
> > AuthName "private matters"
> > AuthType Basic
> > AuthUserFile /usr/local/etc/apache/users
> > </Directory>
>
> You don't need the .htaccess file at all. Just add "require valid-user"
> to the directory block above and restart the server.
>
> Joshua.
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: .htaccess being ignored
Posted by Joshua Slive <jo...@slive.ca>.
On Sat, 8 Dec 2001, Darren wrote:
>
> DocumentRoot "/usr/local/www/htdocs/"
> <Directory "/usr/local/www/htdocs/private">
> AllowOverride All
> AuthName "private matters"
> AuthType Basic
> AuthUserFile /usr/local/etc/apache/users
> </Directory>
You don't need the .htaccess file at all. Just add "require valid-user"
to the directory block above and restart the server.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: .htaccess being ignored
Posted by Darren <ba...@crotchett.com>.
Thanks for your suggestion. I have no idea why I had "none" in it at the
time that I posted that message. I must have changed my config files 50
times. So, in a way, it doesn't suprise me. But, I really don't know how
that happened to be that way then. Anyway, I commented out the <limit>
stuff from the .htaccess file. And, taking your advice, I edited the
httpd.conf file to be:
DocumentRoot "/usr/local/www/htdocs/"
<Directory "/usr/local/www/htdocs/private">
AllowOverride All
AuthName "private matters"
AuthType Basic
AuthUserFile /usr/local/etc/apache/users
</Directory>
I restarted my server and it's still "no go".
I've tried putting erroneous things in the .htaccess file. And, I tried
setting AllowOverride to something that I knew wouldn't work. When I
misconfigure .htaccess, I see no difference. When I misconfigure my
httpd.conf file, the server won't restart. So, I know that I'm editing a
good httpd.conf file. And, I know that the .htaccess isn't being evaluated.
I even took the part out of httpd.conf that prevents the .htaccess from
being
What else I can try?
Darren
----- Original Message -----
From: "Joshua Slive" <jo...@slive.ca>
To: <us...@httpd.apache.org>
Sent: Saturday, December 08, 2001 6:18 PM
Subject: Re: .htaccess being ignored
>
> On Sat, 8 Dec 2001, Darren wrote:
> >
> > AuthName "private matters"
> > AuthType Basic
> > AuthUserFile /usr/local/etc/apache/users
> > AllowOveride AuthConfig
> > # Satisfy All
> > <limit POST>
> > require valid-user
> > </limit>
>
> Remove the <limit POST> and </limit> lines, unless you want to ALLOW the
> other methods (GET PUT DELETE, etc).
>
> >
> > The parts of httpd.conf that I think are relevant for anyone helping me
> > troubleshoot are:
> >
> > <Directory "/usr/local/www/htdocs/private">
> > AllowOverride none
> > </Directory>
>
> Why is AllowOverrid set to "none"? As you just mentioned, the FAQ says it
> needs to be set to "all" or at least "authconfig".
>
> Another thing to mention is that it is not necessary to use .htaccess at
> all. You can just take the auth stuff from above (without the <limit>
> crap) and include it directly in the <directory> section.
>
> Joshua.
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: .htaccess being ignored
Posted by Joshua Slive <jo...@slive.ca>.
On Sat, 8 Dec 2001, Darren wrote:
>
> AuthName "private matters"
> AuthType Basic
> AuthUserFile /usr/local/etc/apache/users
> AllowOveride AuthConfig
> # Satisfy All
> <limit POST>
> require valid-user
> </limit>
Remove the <limit POST> and </limit> lines, unless you want to ALLOW the
other methods (GET PUT DELETE, etc).
>
> The parts of httpd.conf that I think are relevant for anyone helping me
> troubleshoot are:
>
> <Directory "/usr/local/www/htdocs/private">
> AllowOverride none
> </Directory>
Why is AllowOverrid set to "none"? As you just mentioned, the FAQ says it
needs to be set to "all" or at least "authconfig".
Another thing to mention is that it is not necessary to use .htaccess at
all. You can just take the auth stuff from above (without the <limit>
crap) and include it directly in the <directory> section.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org