Tuesday, August 30, 2022

[SOLVED] Password protect a directory using basic authentication

Issue

I'm trying to make a directory for my website password protected and I so far I've followed apache instructions to do that: rel="nofollow">http://httpd.apache.org/docs/current/howto/auth.html

and

http://wiki.apache.org/httpd/PasswordBasicAuth

I then created a password file using htpasswd, and then I edited my httpd.conf with 

<Directory /var/www/html/project/app.project.com/Admin/>
AuthType Basic
AuthName "Restricted Area"
# (Following line optional)
AuthBasicProvider file
AuthUserFile "/var/www/html/admin/.password"
Require valid-user

Order allow,deny
Allow from all
</Directory>

But when I go to the website that supposed to ask me for the password it doesn't!

I'm just trying to figure out what I'm doing wrong.

Thanks!


Solution

The problem that I didn't think was related to this is that I was trying to access that protected directory using one of my vhosts in the configuration file so I just had to put this Directory directive inside of the correspondig vhost that was getting accessed, this is how I got my configuration at the end:

# Please note as well that I'm forcing connections from http to https:

<VirtualHost *:80>
ServerName app.project.com
ServerAlias project.com
DocumentRoot /var/www/html/project/app.project.com

Redirect permanent / https://app.project.com

ErrorLog /var/www/html/project/app.project.com/error.log
CustomLog /var/www/html/project/app.project.com/requests.log combined
</VirtualHost>


 <VirtualHost *:443>
 ServerName app.project.com
 DocumentRoot /var/www/html/project/app.project.com
 SSLEngine On
 SSLCertificateFile /etc/httpd/ssl/40d5d69ae6a53.crt
 SSLCertificateKeyFile /etc/httpd/ssl/project.key
 SSLCertificateChainFile /etc/httpd/ssl/gd_bundle-g2-g1.crt

#Adding the Directory directive to request auth access with password to the Admin directory 

<Directory /var/www/html/project/app.project.com/Admin/>
AuthType Basic
AuthName "Restricted Area"
# (Following line optional)
AuthBasicProvider file
AuthUserFile "/var/www/html/admin/.password"
Require valid-user

Order allow,deny
Allow from all
</Directory>
</VirtualHost>


Answered By - VaTo
Answer Checked By - Mildred Charles (WPSolving Admin)
at