.htaccess AuthType not working, keeps prompting for password
I'm at a total loss. I've rsync'd all the files to another machine that isn't running cPanel and it works, but when I'm on cPanel it doesn't.
What I've done:
mkdir -p ~/public_html/box
chmod a+rx ~/public_html/box
cat >~/public_html/box/.htaccess <<<"
Order allow,deny
Satisfy any
Allow from 127.0.0.1
Require valid-user
AuthType Basic
AuthName bochs
AuthUserFile /home/moses/public_html/box/.htpasswd
"
chmod a+r ~/public_html/box/.htaccess
/usr/local/apache/bin/htpasswd -bc /home/moses/public_html/box/.htpasswd locke key
chmod a+r /home/moses/public_html/box/.htpasswd
What I expect:
When visiting , I am prompted by my browser for a password. After entering the correct username/password, I am prompted for the password again. No password is considered valid. There is no message in the error.log file.
What I've already tried:
[LIST]
Changing the .htaccess and .htpasswd file from using \n (Unix) to \r\n (Windows)
Moving the AuthUserFile out of the same directory as .htaccess
Renaming the AuthUserFile to something that doesn't start with '.ht'
Using explicit MD5 (-m) and crypt (-d) and plain (-p) in the '.htpasswd' file.
Looking for an .htaccess file in parent directories (there are none).
It's driving me nuts. I know I'm doing everything correctly because when I rsync the 'box/' folder to another machine that isn't running cPanel, it all works as expected. Is there something about cPanel that I'm overlooking? Is there something I should look for in the /usr/local/apache/* files?
-
Something I didn't try was to use the cPanel interface itself to password-protect the directory. ...:2083/cpsess0000000000/frontend/x3/htaccess/dohtaccess.html?dir=%2fhome%2f Turned on the checkbox. Created a new user with a password that has more than five bytes. Here's the resulting .htaccess file: AuthType Basic AuthName "argle:bargle" AuthUserFile "/home/moses/.htpasswds/public_html/box/passwd" require valid-user ... and I'm still getting re-prompted for the password over and over again. So now I've done it the "right" way, using cPanel's own interface, and it still isn't working. This is infuriating. 0 -
Hello :) Do you notice any error messages in /usr/local/apache/logs/error_log when this happens? Thank you. 0 -
Hello :) Do you notice any error messages in /usr/local/apache/logs/error_log when this happens? Thank you.
Sorry, when I said "there is no message in the error.log file" I mean to say "there is no message in the error_log file." I did not mean to mislead you.0 -
Could you confirm you reviewed /usr/local/apache/logs/error_log and not the "error_log" file in the account's public_html directory? Thank you. 0 -
Could you confirm you reviewed /usr/local/apache/logs/error_log and not the "error_log" file in the account's public_html directory? Thank you.
# tail /usr/local/apache/logs/error_log [Wed Sep 09 16:41:39 2015] [error] [client 198.100.144.83] File does not exist: /usr/local/apache/htdocs/robots.txt [Wed Sep 09 17:04:15 2015] [notice] Graceful restart requested, doing restart Is this what you are thinking of? This is what I meant.0 -
Feel free to open a support ticket using the link in my signature so we can take a closer look. You can post the ticket number here so we can update this thread with the outcome. Thank you. 0 -
To update, this issue was resolved after the user determined Squid was intercepting traffic on eth0 port 80, that would take the 'Authentication:' http header, then pass it to localhost:80. It worked with "https" because Squid was not intercepting port 443. Thank you. 0
Please sign in to leave a comment.
Comments
7 comments