Auth Problem

I have just recently uploaded a Joomla site with SEF urls enabed. The site worked.
I have since wanted to add htaccess Authorization while the site is under development.
I opened the .htaccess file and added:
AuthType Basic
AuthName EnterPassword
AuthUserFile “/home/gayle/public_html” (ps. I determined the correct path by outputting
echo dirname(FILE); in a php file in the same directory as the .htpasswd file)
Require valid-user

And created the password file (using: http://www.htaccesstools.com/htpasswd-generator/) in above mentioned directory.

Then when I load the page. I get the password prompt, but any user/pass works, and once the prompt closes I get a:
Internal Server Error

Lucky,

That’s like saying I modified something but it’s not working; what did I do wrong?

Okay, my first inclination is that having the password protection counters the redirection which Joomla must be using (similar to WP’s mod_rewrite).

Second, if you didn’t create the password file correctly (no way for me to judge), then it will forbid either anyone’s access or permit everyone (with a 500?). IMHO, it’s the password protection which is bad. Because you didn’t say whether you were using a WinDoze or Linux server, I’ll bet it’s WinDoze as M$ seems to hate security … er, password protection scheme for directories.

Are you using cPanel (or similar)? Control panels typically have a directory protection function inbuilt so you’ll have no problems with that.

Regards,

DK

Hi

Sorry about that vagueness.

Yes it is a cpanel server (new), and after posting this I actually saw the .passwrds folder (outside the web root) and moved the password file there. And changed the directory references in the .htaccess file accordingly. But the problem still happened.

And actually NO, its Linux with Apache - I stay away from Windows servers.

I tend to agree, I think it may be the .htpasswd file.

At the VERY top of the Joomla created .htaccess file, I have added:
AuthType Basic
AuthName EnterPassword
AuthUserFile /home/gayle/.htpasswds/
Require valid-user

And within the .htpasswds folder, I have a .htpasswd file, the content being:
gayle:$apr1$47APU/…$Aye7BxPq/Xb92rgUKE7XU1

Lucky,

No worries about the vagueness - it’s typical. Also, I (obviously) stay away from M$ on the Internet, too!

Okay, with cPanel, though, use the cPanel “Password Protect Directories” feature. It will create the password properly and install the correct (syntax, location, et al) information in the .htaccess file of that directory. IMHO, that’s the only way to fly!

Regards,

DK

Thanks mate, I didn’t realise cPanel had such an option, which worked BTW.
I’m new to using a control panel.

Cheers