Server version: Apache/2.2.16 (Unix) - running on Ubuntu 10.04
I am trying to protect a directory using basic authentication and the
user is being continuously prompted for the password but it is never
accepted - Apache logs message similar to below:-
[Tue Aug 24 11:23:14 2010] [error] [client xx.xx.xx.xx] user username:
authentication failure for "/path/to/script.php": Password Mismatch,
referer: http://www.example.com/path/to/index.php
.htaccess directives are below:-
AuthUserFile /path/to/.htpasswd
AuthType Basic
AuthName "Restricted Area"
Require valid-user
These are the checks I have done:-
1) Ensured the password is correctly stored in /path/to/.htpasswd (tried
with both crypt and MD5 encryption)
2) Both .htaccess and .htpasswd have read perms for the web process
(files owned by root with -rw-r-r- permissions)
3) All directories above the location of the .htpasswd and .htaccess
files have 755 permissions i.e. drwxr-x-rx
4) This is the list of modules loaded by Apache:-
Loaded Modules:
core_module (static)
authn_file_module (static)
authn_default_module (static)
authz_host_module (static)
authz_groupfile_module (static)
authz_user_module (static)
authz_default_module (static)
auth_basic_module (static)
include_module (static)
filter_module (static)
deflate_module (static)
log_config_module (static)
env_module (static)
setenvif_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
mime_module (static)
status_module (static)
autoindex_module (static)
asis_module (static)
cgi_module (static)
negotiation_module (static)
dir_module (static)
actions_module (static)
userdir_module (static)
alias_module (static)
rewrite_module (static)
so_module (static)
php5_module (shared)
Syntax OK
Anybody have any ideas/suggestions?
Many thanks in advance
Rich
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org