LEGEND:
$== shell prompt
ctrl-d == control-d keystroke
(*comments*) == comments

Telnet into your account, change to the 35 directory you want to protect, and type exactly line per line as below...

$cat > .htaccess
AuthUserFile /big/dom/xsexualcontrol/otherdir/.htpasswd
AuthName ByPassword
AuthType Basic

<Limit GET>
require user pumpkin
</Limit>
ctrl-d

$cat .htpasswd (*make sure that everything is correct*)
$cd /big/dom/xsexualcontrol
$mkdir otherdir
$cd otherdir
$htpasswd -c .htpasswd pumpkin
(*enter in password twice*)

(*to add more users*)
$htpasswd .htpasswd user14


Now go to that directory you just protected via your browser, and it should now ask you for authentication...

--
Terra
Command-Line Commando
FutureQuest.net

[This message has been edited by ccTech (edited 01-10-99).]

I telneted in and typed
$== shell prompt
Was told command not found.
Then I tried
== shell prompt
and $==shell prompt
and ==shell prompt

Was told command not found.

What happened?

jz
Command line wimp.

Hey Joe...
$== shell prompt
ctrl-d == control-d keystroke
(*comments*) == comments

The above was more a legend for you to reference meaning...

$ represents the prompt when you are telnetted in and where he says ctrl-d it means to press down the ctrl key while pressing the D key and *'s around words means that these are just comments from him and not to be typed....

Hope this helps
Deb

I would like to password protect a directory in my message forum. Am using discus.
Their instructions are:
______
Let's say that the "Private area (members only)" topic was in the subdirectory called 35 (this subdirectory is created within the messages subdirectory).

To require a password to read messages in this topic, you need to create a .htaccess file in this 35 directory that looks like this:
AuthUserFile /otherdir/.htpasswd
AuthGroupFile /dev/null
AuthName ByPassword
AuthType Basic

<Limit GET>
require user pumpkin
</Limit>

This would allow the user pumpkin to access the topic (one of those browser "Enter username and password to access this resource" dialog boxes would pop up the first time a user attempted to access the topic).

pumpkin's password is stored in the file /otherdir/.htpasswd.
pumpkin's password is set using the htpasswd command from the command line. The actual implementation and format of the use of this command will vary from server to server.

---------------
I sort of understand the .htaccess file.
Am lost about:
how do i set up the /otherdir/.htpasswd
directory and file.

Going to need mucho help.

Thanx in advance,

jz

In my previous message I left 4 examples of what I typed in and the results I got. Two of them covered what you suggested.

I tried it again and typed
== shell prompt
and got same result as described in my previous message.
I just tried it with = shell prompt.
And I tried shell prompt

I don't know what else to do. I have tried 6 different versions with the same results.

Also in his first message he said to type it exactly as he had it.
Now I'm told that the *'s are comments and not to be typed.
OK, will do.

jz

Command line confused.

cat > .htaccess
AuthUserFile /big/dom/xsexualcontrol/otherdir/.htpasswd
AuthName ByPassword
AuthType Basic

<Limit GET>
require user pumpkin
</Limit>
ctrl-d(Joe... press the ctrl key and the d key at same time.. do not type ctrl-d)

cat .htpasswd
cd /big/dom/xsexualcontrol
mkdir otherdir
cd otherdir
htpasswd -c .htpasswd pumpkin

htpasswd .htpasswd user14



The above is what you would type....

You are not supposed to type the 'notes'...

This will hopefully make it more clear...

Deb

You don't need to actually type '== shell prompt'. '$ == shell prompt' is just basicly a map to explain that when you see a '$' on your telnet screen, you're at the shell prompt. Basicly look at == as meaning 'is equal to', Terra's obviously been playing with coding too much *g* (also keep an eye out for eq)

When you're in the dir you want to protect, type the following;

cat > .htaccess
AuthUserFile /big/dom/xsexualcontrol/otherdir/.htpasswd
AuthName ByPassword
AuthType Basic

<Limit GET>
require user pumpkin
</Limit>

Then hit and hold your [ctrl] key, and depress your [d] key at the same time.

Then type the following when you next see your $ prompt;

cat .htpasswd

Hit enter and watch the result. You should get another prompt ( or $)

Now type the following;

cd /big/dom/xsexualcontrol

and hit [enter]. Then type

mkdir otherdir

and hit [enter]. Then type

cd otherdir

hit [enter], then type

htpasswd -c .htpasswd pumpkin

Now it should ask you for the password for user pumpkin. Type the desired password and hit enter, then it'll ask again, and you do it again (safety, make sure spelling matches)

And you're done! Go to http://www.yourdomain.com/path/to/protected/dir and see what happens. It should ask you for a usrname and password to enter the dir.

When you're ready to add more users to the list, simply log in and type the following line at your prompt

cd /big/dom/xsexualcontrol/otherdir

[enter] Then type

htpasswd .htpasswd new_username

[enter] And it will ask you for a password, again twice to verify spelling. Then that user will be allowed into the protected dir when they punch in their username/password.

Hope this helps. If it doesn't, feel free to email me at del@downinit.com and I'll help out.

*grin* Hiya Deb! At least we're on opposite sides of the country when this happens hehehe

------------------
Del
www.downinit.com (http://www.downinit.com)

I use ta couldnt even spell student, n now I are one!



[This message has been edited by Del (edited 01-11-99).]

Almost there. But...
First of all if I type cat .htpasswd as suggested I am told no such file or directory exist. So I experimented with cat .htaccess. That worked.
Then I created the /otherdir.
Then entered a password for clientabc twice.
Tried access.
Password screen came up!

Whoops, sorry about that.

Find the line in .htaccess that says
require user pumpkin

and change it to
require valid-user

That should make it work with multiple users.

The cat .htpasswd is a check to see that there wasn't already one existing. It did it's job perfectly by telling you it didn't exist. The point of doing it is so you don't clobber an existing password file without knowing it.



------------------
Del
www.downinit.com (http://www.downinit.com)

I use ta couldnt even spell student, n now I are one!

Thank you very much.
Question: can I change .htaccess using notepad or wordpad?

Also can I set up a password file using those proggies or do I always have to telnet in?

Appreciate your support

jz

Command line awakening

You can as long as you upload it in 'ASCII' mode... This will convert the DOS 'CRLF' to a more sensible Unix 'LF' line terminators...

--
Terra
--Boldly going where everyone has gone before--
FutureQuest

--Boldly going where everyone has gone before--
Andrew,
You really need to put out a Signature Compilation soon!

------------------
alba gu brath

Yeah, that was one of the few .sigs I've gotten a chuckle out of.

liked it muchly.

On another note: how can I set up the .htpasswd file in wordpad? When I loaded it in it appears to have been encrypted from the telnet session.

thanx,


jz

If you want to do some serious editing, and be compatible with Dos/Win/Unix/Mac, seriously consider UltraEdit-32...

The reason it looks garbled, is that wordpad is braindead on interpreting the 'LF' terminators... It's a very common occurance, and UltraEdit-32 will let you convert on the fly...

Try to download the .htaccess file via ASCII mode, and it should translate it back for you...

--
Terra
--WordSmith that is always shooting from the hip--
FutureQuest

I had the same problem, uploaded in ASCII, but that's not the problem. For example, I used username guest and password something. In the file, it said:

guest:l4jha0fdh

or the like. It works, but there's definately some mild encryption there. But it does work with the password I entered (something was an example, of course).

It might have been the actual password file, though, not .htaccess, that I'm thinking of (and that Joe's thinking of as well). Or I might just be tired and don't know what the heck I'm rambling about http://www.aota.net/ubb/smile.gif

Justin

------------------
Justin Nelson, SFE Inc.
http://www.vdj.net

guest:l4jha0fdh

Yes that is the password file and the password is encrypted... http://www.aota.net/ubb/smile.gif

Deb

oops. I hit the wrong button. Now to continue the saga.
Leaving out an hour of details:
It works with one name and one password.
If I try to add other names and passwords sytem does not work.

I can get by on one name and password. Just curious. Did I miss something?

Thanx Deb, Del and Terra.