[5097] in WWW Security List Archive
post
daemon@ATHENA.MIT.EDU (jason)
Wed Apr 16 11:31:17 1997
Date: Wed, 16 Apr 1997 09:52:47 -0400
To: www-security@ns2.rutgers.edu
From: jason <jkwong@pathcom.com>
Errors-To: owner-www-security@ns2.rutgers.edu
>hi,
>
i'm not sure if this belongs in the discussion.
>i was wondering how i go about setting up htpass authentication. i've
>looked around on www, but couldn't find anything that would work.
>
>this is how everything is setup: (it should be noted i'm not admin)
>
>the server is using apache.
>i am using htpass. this account is an account with an internet provider.
>
>it is in this directory:
>
>drwxr-xr-x 12 4433 plan2 512 Apr 12 05:38 .
>drwx--x--x 3 4433 plan2 512 Feb 16 16:49 ..
>-rw-r--r-- 1 root other 19 Apr 11 18:08 .htpass
>-rw-rw-r-- 1 4433 plan2 2729 Apr 15 02:08 homepage.html
>lrwxrwxrwx 1 4433 plan2 21 Apr 7 12:51 htpass ->
>/usr/local/bin/htpass
>-rw-rw-r-- 1 4433 plan2 4344 Apr 12 05:38 s-attack.gif
>drwxr-xr-x 9 4433 plan2 512 Apr 9 22:45 syn
>226 Transfer complete.
>ftp> pwd
>257 "/j/jkwong/public_html" is current directory.
>
>**** HTPASS resides in the above directory, along with my password file.
>notice it owned by root.
>
>-rw-rw-r-- 1 4433 plan2 165 Apr 11 20:13 .htaccess
>-rwxr-xr-x 1 4433 plan2 99 Apr 11 17:10 index.html
>226 Transfer complete.
>ftp> pwd
>257 "/j/jkwong/public_html/syn/restrict" is current directory.
>
>**** the above is where my .htaccess file resides, which is the directory i
>want to protect.
>
>AuthUserFile /users/users/home/j/jkwong/public_html/.htpass
>AuthGroupFile /dev/null
>AuthName 'index' 'parm'
>AuthType Basic
><limit GET>
>require user parm
></limit>
>
>**** above is what my .htaccess file looks like
>
>now, i've tried many things. i made sure that there was a symbolic link to
>my directory.
>i've tried changing permissions on the files, but nothing seems to work.
>
>If someone could help me out with this, it would be much appreciated.
>
>Thanks,
>
>Jason
>
>
>***************************************************************************
>
>"I step to my business, stand strong on my own two, do what I have to do to
>get true, If you're for real then you know the deal, I do or die - and
>I never ran - never will"
> --- SNW
>***************************************************************************
>
>
>
>Received: from ns2.rutgers.edu by mfi.com (SMTPLINK V2.11)
> ; Wed, 16 Apr 97 02:12:17 PST
>Return-Path: <owner-www-security@ns2.rutgers.edu>
>Received: (from daemon@localhost) by ns2.rutgers.edu (8.8.5/8.6.12) id
XAA28865 for www-security-outgoing; Tue, 15 Apr 1997 23:24:07 -0400 (EDT)
>Received: from pathway1.pathcom.com (pathway1.pathcom.com [204.191.122.2])
by ns2.rutgers.edu (8.8.5/8.6.12) with ESMTP id XAA28859 for
<www-security@ns2.Rutgers.EDU>; Tue, 15 Apr 1997 23:23:56 -0400 (EDT)
>Received: from iceberg (ts33l15.pathcom.com [207.245.17.130]) by
pathway1.pathcom.com (8.8.5/8.7.3) with SMTP id XAA06644 for
<www-security@nsmx.rutgers.edu>; Tue, 15 Apr 1997 23:20:50 -0400 (EDT)
>Message-Id: <3.0.1.32.19970415232113.006edfa4@mail.pathcom.com>
>X-Sender: jkwong@mail.pathcom.com
>X-Mailer: Windows Eudora Light Version 3.0.1 (32)
>Date: Tue, 15 Apr 1997 23:21:13 -0400
>To: www-security@ns2.Rutgers.EDU
>From: jason <jkwong@pathcom.com>
>Subject: basic authentication setup
>Sender: owner-www-security@ns2.Rutgers.EDU
>Precedence: bulk
>Errors-To: owner-www-security@ns2.Rutgers.EDU
>
>
***************************************************************************
"I step to my business, stand strong on my own two, do what I have to do to
get true, If you're for real then you know the deal, I do or die - and
I never ran - never will"
--- SNW
***************************************************************************
