Password protect directory [solved]
Moderators: mandville, General Support Moderators
Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10.
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10.
- changlee
- Joomla! Explorer
- Posts: 470
- Joined: Tue Nov 20, 2007 11:05 am
- Location: Greece
- Contact:
Re: Password protect directory [solved]
Somebody helped me :-)
Thank you all !!!
Thank you all !!!
If you do not programm your life, someone else will do it for you.
SMTP Newsletter APP: https://www.emailbat.com
SMTP Newsletter APP: https://www.emailbat.com
- Bernard T
- Joomla! Guru
- Posts: 782
- Joined: Thu Jun 29, 2006 11:44 am
- Location: Hrvatska
- Contact:
Re: Password protect directory [solved]
You just rename and use the htaccess.txt and it will most probably work
VEL Team || Security Forum || PHP/Web Security Specialist || OWASP member
JAMSS author http://forum.joomla.org/viewtopic.php?f=621&t=777957
Twitter: @toplak
JAMSS author http://forum.joomla.org/viewtopic.php?f=621&t=777957
Twitter: @toplak
- changlee
- Joomla! Explorer
- Posts: 470
- Joined: Tue Nov 20, 2007 11:05 am
- Location: Greece
- Contact:
Re: Password protect directory [solved]
No, I did not faced the problem at the latest Joomla installation. It was at Joomla3.0.x as I remember...
If the problem exists, you just copy the data from the latest .htaccess file.
:-)
If the problem exists, you just copy the data from the latest .htaccess file.
:-)
If you do not programm your life, someone else will do it for you.
SMTP Newsletter APP: https://www.emailbat.com
SMTP Newsletter APP: https://www.emailbat.com
- mandville
- Joomla! Master
- Posts: 15152
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: Password protect directory [solved]
The answer is on the previous page. If you take time reading posts you will see the help Was regard ing the solved marker.kdaniel171 wrote:Dude can you please share how someone helped you solved the issue on password protect directory? So others will get the idea in case they experienced the same issue.
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
- bobysolo
- Joomla! Apprentice
- Posts: 23
- Joined: Fri Sep 15, 2006 2:16 pm
- Contact:
Re: Password protect directory [solved]
I had the same problem and I checked on the same server the differences in .htaccess files from different pages, where on some the password protection worked and on some it didn't.
The only difference I found between .htaccess files was this line, which was removed from latest versions of Joomla packages:
Now, I don't know if it's good that this line is removed or why it was removed, but when I add it back to the .htaccess file in the root of the webpage, it works. No more 404 errors in the administrator directory.
The only difference I found between .htaccess files was this line, which was removed from latest versions of Joomla packages:
Code: Select all
RewriteCond %{REQUEST_URI} /component/|(/[^.]*|\.(php|html?|feed|pdf|vcf|raw))$ [NC]
- changlee
- Joomla! Explorer
- Posts: 470
- Joined: Tue Nov 20, 2007 11:05 am
- Location: Greece
- Contact:
Re: Password protect directory [solved]
Exactly. That line is the problem.
And we do not know why that was removed.
And we do not know why that was removed.
If you do not programm your life, someone else will do it for you.
SMTP Newsletter APP: https://www.emailbat.com
SMTP Newsletter APP: https://www.emailbat.com
- Webdongle
- Joomla! Master
- Posts: 44071
- Joined: Sat Apr 05, 2008 9:58 pm
Re: Password protect directory [solved]
That is not accurate.changlee wrote:Exactly. That line is the problem....
Re- adding that line back into the .htaccess does prevent the 404 error occurring on servers that have problems with the .htpasswds outside of site root with mod_rewrite on. But removing that line is not the cause.
Also placing .htpasswds in the protected folder (adjusting the path in the password protect's .htaccess) prevents the 404 error
Another method of preventing the error on servers that have problems with the .htpasswds outside of site root with mod_rewrite on ... is to add a 401.shtml to the site root.
The problem (as far as has been reported until now) only happens on servers that have cPanel. It does not happen on all servers that have cPanel but cPanel with .htpasswds outside of site root with mod_rewrite on ... is the only common factor.
It happens with wordpress as well as other scripts but only on cPanel with .htpasswds outside of site root with mod_rewrite on.
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".
- changlee
- Joomla! Explorer
- Posts: 470
- Joined: Tue Nov 20, 2007 11:05 am
- Location: Greece
- Contact:
Re: Password protect directory [solved]
So what do you exactly suggest?
If I install a new Joomla 3.3.x and password protect a directory, I receive 404 at /administrator.
If I install a new Joomla 3.3.x and password protect a directory, I receive 404 at /administrator.
If you do not programm your life, someone else will do it for you.
SMTP Newsletter APP: https://www.emailbat.com
SMTP Newsletter APP: https://www.emailbat.com
- Webdongle
- Joomla! Master
- Posts: 44071
- Joined: Sat Apr 05, 2008 9:58 pm
Re: Password protect directory [solved]
You could ask your Host to fix the problem with thier server ... but you will not have much luck getting the Host to admit it's their settings.changlee wrote:So what do you exactly suggest?
...
Either one of the following will work around the problem if your Host will not fix the problem with their server settings..
Webdongle wrote: Re- adding that line back into the .htaccess does prevent the 404 error occurring on servers that have problems with the .htpasswds outside of site root with mod_rewrite on. But removing that line is not the cause.
Also placing .htpasswds in the protected folder (adjusting the path in the password protect's .htaccess) prevents the 404 error
Another method of preventing the error on servers that have problems with the .htpasswds outside of site root with mod_rewrite on ... is to add a 401.shtml to the site root.
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".
-
- Joomla! Apprentice
- Posts: 19
- Joined: Mon Aug 08, 2011 4:03 am
Re: Password protect directory [solved]
I've had the same problem. The issue is htaccess.txt. I have password protection on my administrator directory. I didn’t have any problems until I was enabling SEF URLs and needed to activate htaccess.txt. I use Joomla! 3.4.2.
I tried everything suggested in this post including various edits of RewriteRule .* index.php [L]. I also tried placing the .htpasswd in the administrator directory and adjusting the path inside the administrator .htaccess but that did not work either.
I added that line missing in the newer versions of the htaccess.txt (posted by bobysolo) and it worked. Thanks for the detail in the post.
Cheers, Rob
I tried everything suggested in this post including various edits of RewriteRule .* index.php [L]. I also tried placing the .htpasswd in the administrator directory and adjusting the path inside the administrator .htaccess but that did not work either.
I added that line missing in the newer versions of the htaccess.txt (posted by bobysolo) and it worked. Thanks for the detail in the post.
Cheers, Rob
- Bernard T
- Joomla! Guru
- Posts: 782
- Joined: Thu Jun 29, 2006 11:44 am
- Location: Hrvatska
- Contact:
Re: Password protect directory [solved]
A complete description of the source of the problem and the solution was discussed here: http://forum.joomla.org/viewtopic.php?f=714&t=858974
VEL Team || Security Forum || PHP/Web Security Specialist || OWASP member
JAMSS author http://forum.joomla.org/viewtopic.php?f=621&t=777957
Twitter: @toplak
JAMSS author http://forum.joomla.org/viewtopic.php?f=621&t=777957
Twitter: @toplak
-
- Joomla! Apprentice
- Posts: 19
- Joined: Mon Aug 08, 2011 4:03 am
Re: Password protect directory [solved]
Thanks Bernard T! A much better solution. I'll let my hosting provider know about this. For those who stumble across this post, the key information starts here:
http://forum.joomla.org/viewtopic.php?f ... 4#p3266125
http://forum.joomla.org/viewtopic.php?f ... 4#p3266125
- leolam
- Joomla! Master
- Posts: 20652
- Joined: Mon Aug 29, 2005 10:17 am
- Location: Netherlands/ Germany/ S'pore/Bogor/ North America
- Contact:
Re: Password protect directory [solved]
Joomla's #1 Professional Services Provider:
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
- Webdongle
- Joomla! Master
- Posts: 44071
- Joined: Sat Apr 05, 2008 9:58 pm
Re: Password protect directory [solved]
But you said
The link you provided in that post says
In another thread you say the problem is with the .htaccess
Please could you be clear on how you fixed the problem on your servers. Did you edit the standard Joomla .htaccess file or did you edit your server configuration ?
http://forum.joomla.org/viewtopic.php?f ... 4#p3298820leolam wrote:For all here: This has nothing to do with the default .htaccess file. It is caused by a server that is not correct configured. Please read what Nicholas of Akeeba replied on the Github and he is completely right. It is good for those who can solve this issue through changes in the htaccess file but they should not be needed in the first place.
Leo
The link you provided in that post says
https://github.com/joomla/joomla-cms/is ... t-98073361nikosdion wrote:...
So, as I said several months ago, the problem comes from BADLY CONFIGURED servers. If you don't have a custom error document in place then DO NOT tell Apache that you have a custom error document in place or bad crap will happen. Sounds reasonable, doesn't it?
In another thread you say the problem is with the .htaccess
http://forum.joomla.org/viewtopic.php?f ... 1#p3233569leolam wrote:Not for "my" server config and I am assured that it is not server but .htaccess so it will be resolved for people who have this situation
Leo
Please could you be clear on how you fixed the problem on your servers. Did you edit the standard Joomla .htaccess file or did you edit your server configuration ?
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".
- Bernard T
- Joomla! Guru
- Posts: 782
- Joined: Thu Jun 29, 2006 11:44 am
- Location: Hrvatska
- Contact:
Re: Password protect directory [solved]
Let me recap again, in more details, that should probably clarify any doubts.
The Problem:
In J! 3.3.1 and later users experience problems setting up the Apache based password protected directory
Diagnosis:
Therapy / Cure:
You can fix this in two distinct ways
The Problem:
In J! 3.3.1 and later users experience problems setting up the Apache based password protected directory
Diagnosis:
- .htaccess was changed in that version, see https://github.com/joomla/joomla-cms/co ... 131f02ea3f
- this fix indirectly brought to the light a buried misconfiguraton of default settings in Cpanel, where it tells Apache to search for custom designed HTML error file in a folder, which by default doesn't exist.
- Consequently, when searching for a custom error page to display to users not allowed to enter the password protected directory (401), Apache doesn't find a custom page for that error. Then it gives a 404 error as it wasn't able to find that previously mentioned nonexistent 401 custom HTML error file.
Therapy / Cure:
You can fix this in two distinct ways
- create the missing custom error pages - consult Cpanel documentation how to do it
- tell Apache that instead of searching for nonexistent custom error page, it should simply display a textual message, by inserting this line into .htaccess file :
Code: Select all
ErrorDocument 401 "Authorisation Required"
Last edited by Bernard T on Tue Jul 07, 2015 9:11 pm, edited 1 time in total.
Reason: Since solution was found no further discussion needed
Reason: Since solution was found no further discussion needed
VEL Team || Security Forum || PHP/Web Security Specialist || OWASP member
JAMSS author http://forum.joomla.org/viewtopic.php?f=621&t=777957
Twitter: @toplak
JAMSS author http://forum.joomla.org/viewtopic.php?f=621&t=777957
Twitter: @toplak