.htaccess has no effect

.htaccessapache-2.2

I am loosing hours with this (should-be) simple task. I want to restrict access to my website, which is on my server in /var/www/.

I've created /etc/apache2/passwords file with httpasswd successfuly (user primoz). I've put .htaccess in /var/www/ and this is the content:

AuthType Basic
AuthName "RestrictedFiles"
AuthBasicProvider file
AuthUserFile /etc/apache2/passwords
Require user primoz

My website is still accessible.
I also tried editing the /etc/apache2/sites-enabled/000-default – line AllowOverride None to AllowOverride All. No need to mention that it didn't make any changes.

Should restricting really be this frustrating?

EDIT:
/etc/apache2/httpd.conf is empty by default because I run server on Debian – which uses apache2.conf instead.

Here is the whole apache2.conf.

Best Answer

Enable .htaccess through httpd.conf and then put this code in your .htaccess under DOCUMENT_ROOT directory:

AuthType Basic
AuthName "RestrictedFiles"
AuthUserFile /etc/apache2/passwords
Require valid-user

Also make sure mod_authn_core is enabled.

Related Solutions

Linux – .htaccess not working (mod_rewrite)

Try putting the rewrite rules directly into the VirtualHost config section (not under a "Directory" rule)

This way you can bypass any problems that may be cause by .htaccess and path identification mechanisms.

Check if rewrite_module is loaded into apache:

apache2ctl -t -D DUMP_MODULES

If not enabled, enable the mod_rewrite with

a2enmod rewrite

This will set up necessary links under mods-enabled (not mods-available)

Centos – WebDAV on CentOS – getting 403 error when attempt to upload

I recently struggled with the same problem on my Fedora 10 system. In my case the culprit was some odd redirection that I was doing in Apache. Specifically, I use a content management system (Drupal, to be exact) that within it's .htaccess includes the following redirection logic to redirect missing files to a PHP script:

# Rewrite URLs of the form 'x' to the form 'index.php?q=x'.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]

It makes sense that the above only affects the PUT method since in that case REQUEST_FILENAME does not exist.

Not having the WebDAV area inside of the Drupal area, which seems like a reasonable constraint, fixes the problem.

Also, I think it is likely that SELinux would result in a different error, but it's not mentioned in the discussion above. Did you try disabling SELinux?

Best Answer

Related Solutions

Linux – .htaccess not working (mod_rewrite)

Centos – WebDAV on CentOS – getting 403 error when attempt to upload

Related Topic