The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

password protected folder

Discussion in 'Security' started by mihaii, Apr 2, 2013.

  1. mihaii

    mihaii Registered

    Joined:
    Apr 2, 2013
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    I tried to protect a folder named "test" from control panel, security, passwork protected folders
    when i entered the link www.mydomain.com/test i got a "Not Found /The requested URL was not found on this server."

    In the test folder it generates a .htaccess like this

    Code:
    AuthType Basic
    AuthName "test"
    AuthUserFile "/home/sossate/.htpasswds/public_html/test/passwd"
    require valid-user 
    When i remove the .htaccess in the public_html, the when i go on the www.mycomain.com/test i get prompted for a user/password.

    If i copy the generated script from the test folder (the .htaccess file) and paste at the end of the .htaccess the public_html file it works, but it requires user / password to access the site (www.mydomain.com) not only that folder

    this is the .htaccess file in the public_html


    Code:
    php_value upload_max_filesize "10M"
    php_value session_save_path "tmp/cache"
    php_flag magic_quotes_gpc Off
    php_flag register_globals Off
    php_flag session.use_trans_sid Off
    
    Options -Indexes
    ServerSignature Off
    Options +FollowSymLinks
    
    php_flag display_startup_errors 0
    php_flag display_errors 0
    php_flag html_errors 0
    php_value docref_root 0
    php_value docref_ext 0
    
    <IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteBase /
    #RewriteCond %{REQUEST_URI} !/$
    #RewriteCond %{REQUEST_URI} !\.
    #RewriteCond %{REQUEST_METHOD} !POST$
    #RewriteRule ^(.*) %{REQUEST_URI}/ [R=301,L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.+)$ index.php?page=$1 [QSA]
    </IfModule>
    
    <IfModule mod_header.c>
    Header unset ETag
    FileEtag None
    </IfModule>
    
    <IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/css text/plain text/xml image/gif image/jpeg image/png
    </IfModule>
    
    <IfModule mod_expires.c>
    <FilesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf)$">
    ExpiresActive On
    ExpiresDefault "access plus 1 year"
    <IfModule mod_header.c>
      Header set Cache-Control "public"
    </IfModule>
    </FilesMatch>
    </IfModule> 
    
    Any ideas on how i could solve this problem?
    Thanks
     
  2. quietFinn

    quietFinn Well-Known Member

    Joined:
    Feb 4, 2006
    Messages:
    998
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    Finland
    cPanel Access Level:
    Root Administrator
    You could try this:
    Add line
    RewriteEngine off
    in the test folder's .htaccess
     
  3. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    942
    Likes Received:
    57
    Trophy Points:
    28
    cPanel Access Level:
    DataCenter Provider
    A lot of times this happens with custom 404 handling in CMS'es and such. Like with wordpress if you password protect wp-admin it doesn't handle it right. I've fixed it before with adding "ErrorDocument 401 default" to the top of the main .htaccess.
     
  4. mihaii

    mihaii Registered

    Joined:
    Apr 2, 2013
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    Thank you to both of you!

    Adding ErrorDocument 401 default to my main .htaccess file solved the problem
    Indeed, it was a CMS running (CMSMS to be more precise)
     
Loading...

Share This Page