stubborn .htaccess

Hello all :)

Hope someone will be able to see the solution ...

Here, I'm working with a photo gallery for 2 years now. One of its function is too allow download with a password, protected by htaccess.
2 years ago, it worked perfectly ( I was not a dreamhost though )
2 years later, htaccess is stubborn and keep asking for password, even when it's the good one.

Why ? Is it something to do with protection on server and/or permissions ?

In reply to:

---

Why ? Is it something to do with protection on server and/or permissions ?

---

There is supposed to be a file with the usernames and their passwords in it. Perhaps Apache isn't able to read the file, or the .htaccess file has the wrong path.

openvein.org -//-

The password and login are in the .htpasswd, the password is encrypted.

Why would apache wouldn't be able to read it ?

Here what it looks like :

AuthType Basic
AuthName "Secure"
AuthUserFile /mnt/local/home/*myftplogin*/*mydomain*/photos/2/4564334/.htpasswd
require valid-user

In reply to:

---

/mnt/local/home/*myftplogin*/*mydomain*/photos/2/4564334/.htpasswd
require valid-user

---

For shared hosting on DreamHost, the path would be /home/username/mydomain/photos/2/4564334/.htpasswd

Sounds like your old host used different paths.


openvein.org -//-

I changed the path but it didn't change anything.

I don't see why it doesn't want to work !

What are the permissions on the .htpasswd file? Try changing it to 644 if it isn't already.


openvein.org -//-

already in 644 :(

I made some test : I put the .htaccess and .htpasswd in the root and it worked like a charm.
So, I left the htpasswd in the root, change the path in the htaccess and put the htaccess in the folder I want to protect.
Nothing : it keeps asking over and over again

Edit : I tried the htaccess in the root with path to photo folder with htpasswd in it.
It works. Of course it ask for login/password when you load index, which isn't what I want. I was just testing.

It something to do with the folder containing originals. It worked everywhere else, except in that folder !!

Edited by metatron3 on 01/25/09 02:10 PM (server time).

Done every test and different way to write a htaccess file. It won't work.

I moved to Dreamhost because Bluehost is messing with file permission : you can't put 777 or 666. It blow up old script.
Now I can't manage to work a single htaccess. How can that be ??

In reply to:

---

I moved to Dreamhost because Bluehost is messing with file permission : you can't put 777 or 666. It blow up old script.
Now I can't manage to work a single htaccess. How can that be ??

---

That might be the problem. Its insecure to use 777 or 666 for permissions on a shared hosting server. You shouldn't need to use 777 if your Gallery script is running PHP as CGI instead of a mod_php anyways. Try setting the directories to 755 and files to 644.

Though I haven't been able to duplicate your problem myself. Uh, if you don't want people downloading files from the directory at all, try using this instead:

# Deny connections from anyone
deny from all

That way you'd have to use FTP/SFTP/shell to get at the files.

However I suggest backing up the password file, and fixing the permissions (again 775 for directories and 644 for files) and then go to the DreamHost Web Panel. Once there, choose Goodies -> Htaccess/WebDAV and select the domain. Type in the directory path, check off "Password-protect this dir?", and specify usernames and passwords. Ignore the other options. Then submit the form.

openvein.org -//- Edited by Atropos7 on 01/25/09 03:32 PM (server time).

Most are already in 755 and 644 : the folder supposed to be protected is already in 755

In reply to:

---

It something to do with the folder containing originals. It worked everywhere else, except in that folder !!

---

Rename the folder temporarily and see if it works.




How To Install PHP.INI / ionCube on DreamHost

Ok, I renamed the folder but the script didn't like.
Renamed the folder in the admin script and got this :

Warning: rename(/mnt/local/home/pmksensei/maybegreen.tech-hippie.com/photos/1/73700367,/mnt/local/home/pmksensei/maybegreen.tech-hippie.com/photos/1/007) [function.rename]: No such file or directory in /mnt/local/home/pmksensei/maybegreen.tech-hippie.com/includes/admin.inc.php on line 93
Could not rename folder for original files. Please make sure it exists!


So, I changed the folder number in the admin and it changed in the ftp but still no luch with htaccess. Keep saying I don't have the good login/pass

In reply to:

---

Ok, I renamed the folder but the script didn't like.

---

Browse directly to the folder itself in order to test the .htpasswd functionality.




How To Install PHP.INI / ionCube on DreamHost

Of course, I wouldn't say it doesn't work otherwise :p

Keep asking for login/pass

htpasswd is in root and htaccess give path to htpasswd.

I think you're going to have to review your paths.




How To Install PHP.INI / ionCube on DreamHost

That's the htaccess :

AuthType Basic
AuthName "Private"
AuthUserFile /home/pmksensei/maybegreen.tech-hippie.com/.htpasswd
require valid-user

htaccess is in : /maybegreen.tech-hippie.com/photos/1[category number]/[a-big-number-random-each-time-a-new-category-is-create]/.htaccess

when I want to download a photo, it calls that path.