#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2006
    Posts
    19
    Rep Power
    0

    RewriteRule & Autentication all in one ??


    I recently switched servers

    the problem is that on the old site i used apaches basic autentication and the RewriteRule to protect prying eyes
    now that i switched this method doesnt work

    what is confusing is that no errors appear and both RewriteRule and basic authentication work independently but not together

    how can i go above solving this, both server are running 1.3,

    the htaccess in a subfolder look like

    AuthUserFile /home/moor/.htpasswd/.htpassDRT4
    AuthGroupFile /dev/null
    AuthName "Enter username and password"
    AuthType Basic

    require valid-user

    order deny,allow
    deny from all

    AuthName "Restricted File"
    AuthType Basic
    AuthUserFile /home/test/.htpasswd/.htpass
    require valid-user

    RewriteEngine on

    # Modify the RewriteBase if you are using Drupal in a subdirectory and
    # the rewrite rules are not working properly.

    RewriteRule ^manual\.doc$ /files/fakemanual.doc [R=301,L]

    are there any settings in phpinfo() that could help
  2. #2
  3. mod_dev_shed
    Devshed Supreme Being (6500+ posts)

    Join Date
    Sep 2002
    Location
    Atlanta, GA
    Posts
    14,817
    Rep Power
    1100
    Is all of that, specifically, are both Auth* directive sets in the same .htaccess file?

    What does actually happen?

    Why don't you also tell us what the overall goal is so we can tell you if there's a better way.
    # Jeremy

    Explain your problem instead of asking how to do what you decided was the solution.
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2006
    Posts
    19
    Rep Power
    0
    yep I mess uo the htacces above it should have read something like

    Code:
    AuthUserFile /home/test/.htpasswd/.htpass
    AuthGroupFile /dev/null
    AuthName "Enter username and password"
    AuthType Basic
    
    require valid-user
    
    order deny,allow
    deny from all
    
    AuthName "Restricted File"
    AuthType Basic
    AuthUserFile /home/test/.htpasswd/.htpass
    require valid-user
    
    RewriteEngine on
    
    # Modify the RewriteBase if you are using Drupal in a subdirectory and
    # the rewrite rules are not working properly.
    
    RewriteRule ^manual\.doc$ /files/fakemanual.doc [R=301,L]
    what i was trying to do was restrict user from accessing a file using basic authentication

    If the user clicks on a dummy link authentication is initialise then the use is redirected to the proper file ie fakemanual.doc

    can it be done like this
    tks
  6. #4
  7. mod_dev_shed
    Devshed Supreme Being (6500+ posts)

    Join Date
    Sep 2002
    Location
    Atlanta, GA
    Posts
    14,817
    Rep Power
    1100
    Remove all that crap and try this:[code=.htaccess]<Files "manual.doc">
    AuthType Basic
    AuthName "Restricted Document"
    AuthUserFile /home/test/.htpasswd/.htpass
    AuthGroupFile /dev/null

    require valid-user
    </Files>

    Redirect /manual.doc http://foo.com/files/fakemanual.doc[/code]
    # Jeremy

    Explain your problem instead of asking how to do what you decided was the solution.
  8. #5
  9. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Mar 2006
    Posts
    19
    Rep Power
    0
    Originally Posted by jharnois
    Remove all that crap and try this:[code=.htaccess]<Files "manual.doc">
    AuthType Basic
    AuthName "Restricted Document"
    AuthUserFile /home/test/.htpasswd/.htpass
    AuthGroupFile /dev/null

    require valid-user
    </Files>

    Redirect /manual.doc http://foo.com/files/fakemanual.doc[/code]
    tks for the code but the redirect dont work...

    I been doing some reading I came up with

    module's order
    (LoadModule directive) between mod_auth and mod_rewrite

    I need to get in touch with the guys at my server to see if they can change it
  10. #6
  11. mod_dev_shed
    Devshed Supreme Being (6500+ posts)

    Join Date
    Sep 2002
    Location
    Atlanta, GA
    Posts
    14,817
    Rep Power
    1100
    Are you sure they didn't mean module order in .htaccess. Apache loads all modules listed with LoadModule into memory when the server starts. The only time order becomes an issue is if you try to use a directive defined in a modules that has not yet been LoadModule-d.

    Remeber that Apache does nothing until a request is made for a page. So the .htaccess file you have is only read when a page is requested that is affected by that file. So the order of the LoadModule-s in httpd.conf should have no affect on your request, but the order in .htaccess will.


    You could also Auth* your /files/ directory instead.
    # Jeremy

    Explain your problem instead of asking how to do what you decided was the solution.

IMN logo majestic logo threadwatch logo seochat tools logo