Password protect not working.

[rfc5141]

I'm trying to password protect my admin folder. I have tried via the Password Protect icon on cPanel and by right clicking on the applicable folder. I enter a name, click the check box to protect and save. I click go back, create a new user and save. When I enter url i go straight to home page, however when I add /admin to go to the backend, I go straight there with no prompt for login. When I first created the password protect it worked initially, however every attempt since takes me straight back in to backend. I've deleted user, I've renamed folder and tried to protect again, I've cleared my cache. Can any kind-hearted soul please help put me out of my misery?

 

[cPanelMichael]

Hello

Please review the .htaccess file in the public_html and "admin" directory. Do you see any entries related to the password protection of the directory? Have you confirmed the domain name resolves to the same server that you accessed cPanel on?

Thank you.

 

[cPanelPeter]

Hello,

In addtion to what cPanelMichael mentioned above, by any chance do you have FrontPage Extensions installed on that account? You may not be using them, but if you have them installed they will interfere with cPanel's password protection method (.htaccess Basic Authentication).

 

[rfc5141]

Hello Peter,

No, I have just checked. They are not installed. Can't understand why this worked when I initially created the login for the folder but any subsequent visits to the admin have gone straight there without a login prompt.

 

[cPanelMichael]

Were there any other entries in the .htaccess files associated with the public_html directory or the admin directory?

Thank you.

 

[MesinHosting]

usually i wrote my own code for www authentification based on php documentation. in case use with conjunction for alternative way to protect directories.

but i think the simplest way for you is. contact your hosting provider to made your admin folder protected. and if they cant, just move to another hosting.

i think this will solved your problem

 

[walt]

I understand this is an old thread, but just wanted to add some more info.

Same issue: password pop-up is only seen once, subsequent visits to protected url (in protected folder) go right through, without needing a password. -Unless- you close and restart the browser. Then, again you only need to enter the password once.

I have tried this on Windows xp with Firefox 41.0, and on a Linux computer with Midori browser. Both act the same way. I wouldn't go as far as saying password protection is not working, but I would rather it asked for credentials every time.

However, I suspect this has nothing to do with cPanel. I think all cPanel does is create the htaccess file for you, and add a password in the password file? So maybe it has something to do with Apache settings, or the browsers saving the login info somewhere I cannot find. Deleting all Firefox's saved passwords didn't help.

 

[kdean]

That's how HTTP Authentication works. Browsers remain logged in until they are restarted. There's no timeout of the login.