1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

protected directory

Discussion in 'Plesk for Linux - 8.x and Older' started by swebs, Jul 7, 2005.

  1. swebs

    swebs Guest

    I cant seem to get directories to be protected.

    I've tried both using the CP and manually creating the .htaccess/.htpasswd files.

    When I try in the control panel it acts as thought its not protected at all.

    when I manually create the .htaccess/.htpasswd files I get an Authorization Error and it never even prompts me for a login/passwd.

    This is 7.5.2 on linux.

    I'm totally stuck. Anyone have any ideas?

    Thanks in advance.
  2. serve-you.net

    serve-you.net Guest

    Which directory are you trying to protect? If it's the docroot of a domain, I believe plesk is still unable to protect it. Creating an .htaccess file should work though.
  3. swebs

    swebs Guest

    I have an "admin" directory under the httpdocs directory that I am trying to password protect.

    Neither the plesk "protected directories" or the .htaccess seem to be working.

    very frustrating.

    I know that mod_access is working because if I try and secure it by IP it seems to work but when I try and point it to a AuthUserFile I think that is where it is failing.
  4. serve-you.net

    serve-you.net Guest

    For the manual way:
    Where is the authfile being stored, and what are the contents of your .htaccess? And what method are you using for creating the user/pass file?

    For the plesk way:
    Have make sure there isn't an .htaccess file in the dir when you try to protect it. Also, you may wanna try and give apache a kick in the *** and restart it.
  5. swebs

    swebs Guest

    I created a new directory "test" and only put an index.html file in it. Then tried protecting it using the control panel. It still acts as though it is not protected. So I restarted apache and still the same.

    As for using htaccess, here is what I have:
    AuthType Basic
    AuthName "Admin Area"
    AuthUserFile /home/httpd/vhosts/shaare.org/httpdocs/admin/.htpasswd
    AuthGroupFile /dev/null
    <Limit GET POST>
    require valid-user

    and for the htpasswd I used the following to create it in the above listed directory:
    htpasswd -c .htpasswd adam

  6. serve-you.net

    serve-you.net Guest

    What's that all about?
  7. swebs

    swebs Guest

    I dont have a group file. I've always used the same thing and never had a problem.

    I'd be happy to try and suggests.

    I'm very curious to know why the protected directories are not working from the control panel too.
  8. serve-you.net

    serve-you.net Guest

    Check the permissions on the pd directory. Should look like:
    drwxr-x--- 2 root psaserv 4096 May 16 15:18 pd/

    Check in it, does it actually create the passwd file?

    Make sure you aren't making the mistake of making an ssl protected directory for a non ssl dir.

    Check the httpd.include file for the domain. Is the comment being added to it?
  9. swebs

    swebs Guest

    is the box in the CP that asks for the path an absolute path or relative to some home?

    I've tried both and neither work so Im curious.

    Someone must have this same problem.
  10. serve-you.net

    serve-you.net Guest

    It is relative to http(s)docs:
  11. swebs

    swebs Guest

    still no go..

    even bounced apache.

    This sucks..

    gotta be something I can do to secure directories.

    Any other ideas/tests?
  12. swebs

    swebs Guest

    checked the /pd dir and yes the password file is being created.

    Checked the httpd.include and the correct directory info is being added and points correctly to the password file in the pd dir

    Here is the error I get when I hit the page now:

    Authorization Required

    This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.

    Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

    I restarted apache, restarted my PC, tried with both IE and Firefox.

    keep the good ideas coming.
  13. serve-you.net

    serve-you.net Guest

    Well, a 403 is good cuz it means apache's checking for auth. But you aren't getting a prompt at all? You can PM me the link if you wanna rule out lame browser caching and such.

    What are the contents of the directory you are protecting? Have you tried deleting it(the directory), and recreating it?
  14. swebs

    swebs Guest

    well the test with the new directory called test didnt seem to work so I didnt figure removing and recreating it would do anything.

    the contents under the directory is just an admin controls for the customers ecommerse site.

    I tried on a few computers here to rule out the cacheing.

    I agree that is some permissions issue but I just cant seem to figure out what it would be.
  15. serve-you.net

    serve-you.net Guest

    Unfortunately (as expected) it's no go for me either. What are the permissions on the directory (both owner/group & modes)? how bout the files in it?
  16. swebs

    swebs Guest

    ok are we trying to get it to work with plesk that modifies the httpd.include or with the standard .htacess/.htpasswd files.

    all the files in the directory are owned my the site ower and group psacln

    as for permissions:

    I've tried all different ones with .htaccess
    to no avail
  17. serve-you.net

    serve-you.net Guest

  18. swebs

    swebs Guest

    ok its has to do something with .htpasswd and apache.

    apache must not be processing the .htpasswd

    Its processing the .htaccess but then will not process the .htpasswd file.

    top level :
    drwxr-x--- 2 root psaserv 27 Jul 7 19:35 pd

    pd :
    -r-------- 1 apache apache 44 Jul 7 19:35 d..store@admin
  19. serve-you.net

    serve-you.net Guest

    What's with the weird name?
  20. serve-you.net

    serve-you.net Guest

    nevermind... i see i have some like that too.
    permissions look fine there. what i meant was the /admin dir.