-2

Hi.I'm new at web, and I want to create a site. I've ordered a domain name and hosting, so now I have access to storage on hosting. What have I to do to protect any folder using htpasswd?

All that I have in http folder is index.html and folder examle, that contains .htaccess and .htpasswd and example2 folder, that should be protected.

When I try to access example2 folder from browser, I get popup window, that asking me for a login and password, and when I enter it I have a 500 internal sever error

Stdugnd4ikbd
  • 242
  • 3
  • 9
  • 1
    You need to include more info, like the code that's throwing the error. I'm guessing it's PHP since you included that tag? To see the _actual_ error message, check your servers error log. You can also change how PHP displays errors and tell it to show all errors directly on the screen (this is not something you want in production though, since it can show sensitive data, but during development, you should). Here's how to show all errors and warnings: https://stackoverflow.com/questions/5438060/showing-all-errors-and-warnings – M. Eriksson Nov 26 '17 at 11:59
  • Please read: [How to create a Minimal, Complete, and Verifiable example](http://stackoverflow.com/help/mcve) and also [How do I ask a good question?](http://stackoverflow.com/help/how-to-ask) – M. Eriksson Nov 26 '17 at 12:02
  • @MagnusEriksson, ok, I have to create a file that named "index.php", instead index.html in http folder, right? And put there, in the header this `` string, yes? – Stdugnd4ikbd Nov 26 '17 at 12:05
  • If you currently don't have a php-file, then why is this tagged with `php`? – M. Eriksson Nov 26 '17 at 12:06
  • @MagnusEriksson, well, I red that it seems to be a php error, so I added it – Stdugnd4ikbd Nov 26 '17 at 12:07
  • If you don't have any php-file/code, then it's not a php error. – M. Eriksson Nov 26 '17 at 12:08
  • @MagnusEriksson, ok, so how can I diagnose then? – Stdugnd4ikbd Nov 26 '17 at 12:10
  • To start with, rewrite your question, include the htaccess, the file and folder structure, remove any irrelevant tags and someone might be able to help. – M. Eriksson Nov 26 '17 at 12:12

1 Answers1

-1

Ok, so I have the answer. It's strange that the commentators didn't undertood the error, because as I understood the 500 error has only one meaning - server can't find a file. So, communyty members again talks about everytihng they can intstead that they was asked about-_-(yes, yes, there are a lot of grammar mistakes, but you understood(I hope)).

So here are a few steps for newers, like me, that can help to protect data of your site via `.htpasswd`

Getting the correct file path

Create file in folder you need to be protected, with .php extesion, and name it, how you like. Put this code there, and save it.

<?php
echo 'Полный путь к каталогу: ';
echo $_SERVER['DOCUMENT_ROOT'];
echo '/';
?>

Visit this page via browser, there will be wrote the full path to php document you've created.

Creating .htaccess and .htpasswd files

Go to folder you need to be protected by password and create two files - .htaccess and .htpasswd. You should notice, that these files shouldn't have any extensions, and they must be named exactly with . character in the begining.

Writing to .htaccess

Put there this one

AuthUserFile /path/to/.htpasswd
AuthType Basic
AuthName "My restricted Area"
Require valid-user

Instead of /path/to/ put the path you've got earlier. That's all

Writing to .htpasswd

Go to https://www.web2generators.com/apache-tools/htpasswd-generator and fill there login and password, and it will return you encrypted login:pass combination. Open .htpasswd file and just put it there.

That's all, it should work

Stdugnd4ikbd
  • 242
  • 3
  • 9