.htaccess and .staccess

Nuke Soldier Joined: Dec 08, 2004 Posts: 10

Hi,

I am having difficulties with the ht and st access files, when I upload them I am unable to access the site.

my .htacess contains

Quote:

Options All -Indexes
DirectoryIndex index.php index.htm index.html

# -------------------------------------------
# Start of NukeSentinel(tm) admin.php Auth
# -------------------------------------------
<Files .staccess>
deny from all
</Files>

<Files admin.php>
<Limit GET POST PUT>
require valid-user
</Limit>
AuthName "Restricted"
AuthType Basic
AuthUserFile .staccess
</Files>

# -------------------------------------------
# Start of NukeSentinel(tm) DENY FROM area
# -------------------------------------------

and the .staccess appears top be blank.

I have chmoded the .staccess to 666, does the .htaccess have to have the same permissions?

I have never delt with this before, so I would really apprecaite some assistance.

tnx
ThatzVinyl

Nuke Soldier Joined: Dec 08, 2004 Posts: 10

ok,

i now have my .htaccess looking like this

Quote:

# -------------------------------------------
# Start of NukeSentinel(tm) admin.php Auth
# -------------------------------------------
<Files .staccess>
deny from all
</Files>

<Files admin.php>
<Limit GET POST PUT>
require valid-user
</Limit>
AuthName "Restricted by NukeSentinel(tm)"
AuthType Basic
AuthUserFile /home/httpd/vhosts/thatzvinyl.com/httpdocs/.staccess
</Files>
# -------------------------------------------
# End of NukeSentinel(tm) admin.php Auth
# -------------------------------------------

But I still cannot login in

Support Mod Joined: Feb 15, 2004 Posts: 806

Did Sentinel mentioned somewhere in user-manual document on how to deal with these two files? If Sendinel never altering .htaccess file, you can CHMOD it to 644. It seems that .staccess is a special file used by Sentinel to store valid admin login info (through http auth basic). If Sentinel managing this file, it advisable to CHMOD .staccess as 777.

Just one last question: What kind of error you get when trying to access the site? Is it a 500 internal server error or something else? Is this error occured on entire site or just whenever you tried to access admin.php file?

Posted: Wed Dec 08, 2004 6:18 pm

at first you must set your admin password before activating HTTPAuth
or CGIAuth and remove the code above from .htaccess file.
then go to sentinel's main admin panel and make sure you have
Admin Auth: set to Admin CGIAuth.
then goto admin.php?op=ABAuthList and there should be a link with a
label of Build CGIAuth file:. Click that link which will then store
the CGIAuth aid's and passwords into the .staccess file.
Then you can add the code above back into your .htaccess file

General Joined: Mar 22, 2003 Posts: 5233 Location: USA

The official support site for NukeSentinel(tm) is http://ravenphpscripts.com . We appreciate NC for handling questions about it, but for answers from the authors I suggest the support site.

Nuke Soldier Joined: Dec 08, 2004 Posts: 10

thanks for the advice, will give it a go.

Nuke Soldier Joined: Dec 08, 2004 Posts: 10

thats great it worked.

Nuke Cadet Joined: May 23, 2004 Posts: 4

Im having the same problem to after following all the above. Does this by any way conflict with admin secure?

Lieutenant Joined: Jan 10, 2004 Posts: 188 Location: UK

I have posted this elsewhere but will repeat it anyway as I came across this myslef on a new install with 7.6

When you use CGIAuth Setup it gives you a code to add into htaccess.
In the code find the line

Code:

AuthName "Restricted by NukeSentinel(tm)"

Change to

Code:

AuthName "your admin.php user login name"

Where your admin.php user login name is obviously your admin name.

Failure to do this will result in being asked 3 times for username and password then a 401 error or similar.

Nuke Cadet Joined: Jan 19, 2005 Posts: 1

Problems with .htaccess and .staccess (for cgiAuth)?
I told this in my web. (http://usuarios.lycos.es/laguerdenacho)
The problem is that you have to put in .htaccess the full path of the .staccess file
.htaccess and .staccess >> chmod 666
Now make a txt file with the following code, ande rename to whatever.php

Code:

<?php
echo".htaccess generator for Nuke Sentinel - By Nacho - http://usuarios.lycos.es/laguerdenacho "
."Copy the code between (*****) lines to make your .htaccess file "
." "
." "
." "
."********************************************************************** "
."# ------------------------------------------- "
."# Start of NukeSentinel(tm) admin.php Auth "
."# ------------------------------------------- "
."<Files .staccess> "
. "deny from all "
. "</Files> "
. " "
. "<Files admin.php> "
. "<Limit GET POST PUT> "
. "require valid-user "
. "</Limit> "
. "AuthName "Restricted access" "
. "AuthType Basic "
. "AuthUserFile ". getcwd() ."/.staccess "
. "</Files>"
."# ------------------------------------------- "
."# End of NukeSentinel(tm) admin.php Auth "
."# ------------------------------------------- "
."********************************************************************** "
."";
?>

Upload the file to your server, and point your browser to _www.yourwebb/whatever.php
There you will see your personal code to make the .htaccess file. You don't need to change anything

Posted: Sun Apr 24, 2005 2:50 am

Hi all

I was woundring about how i can protect more than one file??
Here is a eks. :

Code:

<Files admin.php>
<Limit GET POST PUT>
require valid-user
</Limit>
AuthName EnterPassword
AuthType Basic
AuthUserFile /your_root_to_httproot/.htpasswd
</Files>

In that eks, it's only protect one file admin.php, but how can i add some more files in the same .htaccess???

Hi Smile

I found it : Smile

Code:

<FilesMatch admin.php>
AuthName "Restricted File"
AuthType Basic
AuthUserFile /user/home/www/directory/.htpasswd
require valid-user
</FilesMatch>

<FilesMatch config.php>
AuthName "Restricted File"
AuthType Basic
AuthUserFile /user/home/www/directory/.htpasswd
require valid-user
</FilesMatch>

Use the <FilesMatch> tag to protect individual files. It's mean that we can protect all admin.php or whatever in your site Smile

All admin.php are protected Smile