.htpasswd file redirects to 'Page Not Found'
Permalink
Hi, I have Concrete5 installed in the public_html directory and that's going fine. I tried to password protect a subdirectory with htaccess/htpasswd but I get redirected to the Page Not Found message. The subdirectory is outside the Concrete5 installation (i.e. /public_html/new_directory) and that's where the .htaccess file is. If I remove the .htaccess file from the subdirectory I can reach any page in it.
If I remove the rewrite rules in the Concrete5 .htaccess file the problem disappears so it's clearly something to do with that. Has anyone got any ideas how to fix this?
Many thanks
If I remove the rewrite rules in the Concrete5 .htaccess file the problem disappears so it's clearly something to do with that. Has anyone got any ideas how to fix this?
Many thanks
Hi yes it does have that code and I get the same result whether I enter the directory path in the address bar or a path to any page.
Which "file not found" page are you seeing. The concrete5 one or the Apache default not found page?
Do you have 2 .htaccess files? One in your concrete5 root directory (for pretty URL support) and another in /newdirectory/.htaccess? The root /.htaccess should have something like:
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L]
The /newdirectory/.htaccess should look something like:
AuthType Basic
AuthName "New Protected Directory"
AuthUserFile /path/to/.htpasswd
Require valid-user
Check your permissions on /newdirectory and all the .htaccess and .htpasswd files. You may also try renaming /newdirectory to somehthing else and see if you can hit that.
What you are trying to do should work, however, there still could be a "Apache global configuration" that is causing the issue. That will have to be corrected by your web host provider.
Do you have 2 .htaccess files? One in your concrete5 root directory (for pretty URL support) and another in /newdirectory/.htaccess? The root /.htaccess should have something like:
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L]
The /newdirectory/.htaccess should look something like:
AuthType Basic
AuthName "New Protected Directory"
AuthUserFile /path/to/.htpasswd
Require valid-user
Check your permissions on /newdirectory and all the .htaccess and .htpasswd files. You may also try renaming /newdirectory to somehthing else and see if you can hit that.
What you are trying to do should work, however, there still could be a "Apache global configuration" that is causing the issue. That will have to be corrected by your web host provider.
I'm seeing the Concrete5 File Not Found page. The .htaccess/.htpasswd files are set up exactly as you described. The permissions for all are 644 which I believe is correct.
I renamed the directory and got the same result so I'll check with the host provider about the Apache global configuration.
Thanks a lot for your help :)
I renamed the directory and got the same result so I'll check with the host provider about the Apache global configuration.
Thanks a lot for your help :)
What happens if you turn off "Pretty URL's" and disable the concrete5 .htaccess. Does everyting work as expected?
There are just so many ways that Apache/PHP can be configured. Who is you Web Host Provider. There is probablly someone in the forums that has figured out a .htaccess tweek specific to your provider.
There are just so many ways that Apache/PHP can be configured. Who is you Web Host Provider. There is probablly someone in the forums that has figured out a .htaccess tweek specific to your provider.
my host provider said the subdirectory passes through the C5 .htaccess ok the first time then hits the subdirectory .htaccess and then the .htpasswd. Then as it passes through the C5 .htaccess again the URL somehow gets rewritten and gets caught up in the return to base rule. I just turned that off so 404s now go to the default server 404 page. It's good enough I can style that one to my needs anyway.
Thanks for your help :)
Thanks for your help :)
An update to my last post. Turning off the return to base part of the C5 .htaccess broke all pages except the home page. I have resolved this issue by creating a subdomain for the protected directory and accessing it through that. This appears to completely bypass the root .htaccess, therefore I can leave the rewrite rules intact.
Interesting. Nice piece of debugging work. If a redirect is getting tangled up, you could try putting
in your /config/site.php
Not sure if that will make any difference or not.
define('REDIRECT_TO_BASE_URL',false);
in your /config/site.php
Not sure if that will make any difference or not.
Thanks .... but using a subdomain resolved the issue, or worked around it at least. All is good.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
it says that if URL is NOT a file AND URL is NOT a directory, then rewrite the URL with RewriteRule ^(.*)$ index.php/$1 [L]
If your try the URL /newdirectory/index.php do you still get the "not found"? Hope that makes sense :)