Support

niget2002 · #1 06-02-2011, 10:31 AM

We have an .htaccess file that is supposed to limit access to the directory to all but one file. The code is as below. The htacces file gets loaded by LiteSpeed, but when you try to access the one page, it still asks for a login.

Any ideas?

Code:

Options +FollowSymLinks

RewriteEngine on

<Files ~ "^(admin-ajax|comment|edit-comments)\.php$">
        Order allow,deny
        Allow from all
        Deny from none
</Files>

Order deny,allow
Deny from all
Allow from 216.143.120.128/28
Allow from 10.1.252.0/23

AuthType Basic
AuthName "Restricted Files"
AuthUserFile /var/www/htpasswd/adminpw
Require user seth

webizen · #2 06-02-2011, 11:13 AM

Try

Code:

RewriteEngine on

<Files ~ "^(admin-ajax|comment|edit-comments)\.php$">
        Order allow,deny
        Allow from all
        Deny from none
</Files>

Order deny,allow
Deny from all
Allow from 216.143.120.128/28
Allow from 10.1.252.0/23

AuthType Basic
AuthName "Restricted Files"
AuthUserFile /var/www/htpasswd/adminpw
Require user seth

# just add this line
Satisfy Any

niget2002 · #3 06-02-2011, 02:05 PM

That doesn't seem to be working. After doing a graceful restart, the system is still asking for a login. I verified from a second browser.

webizen · #4 06-02-2011, 03:26 PM

enable debug logging (admin console -> configuration -> server -> log):
Log Level: DEBUG
Debug Level: HIGH

and check error.log

niget2002 · #5 06-06-2011, 01:55 PM

I grabbed what I believe to be the relevent part of the log. Please let me know if you need to see more:

Code:

2011-06-06 13:50:36.286 [NOTICE] [10.1.252.110:60806-7#APVH_anthem.edu] Content len: 67, Request line: 'POST /wp-admin/admin-ajax.php HTTP/1.1'
2011-06-06 13:50:36.286 [INFO] [10.1.252.110:60806-7#APVH_anthem.edu] Cookie len: 662, WRUID=0; __utma=199686398.174548130.1300911089.1307041428.1307384134.39; __utmz=199686398.1304370020.21.3.utmcsr=anthemcollege.edu|utmccn=(referral)|utmcmd=referral|utmcct=/; wooTracker=2YZCG37OZ4CKL99MA27YVG4AH8ULNFJZ; wooMeta=NTgwMCYxJjAmNiYxMzAxOTM0MDk1OTQ3JjEzMDE5MzQwOTU5NDcmJjEwMCYmNTAwMDk0JiYmJg==; wm_AnthemEdGroup=1302276569687; _jsuid=8954811145343952407; is_returning=1; wp-settings-4=m9%3Dc%26m10%3Do%26m11%3Do%26m13%3Do%26m14%3Do%26m16%3Do; wp-settings-time-4=1305031844; ki_u=04f5e341-96d4-f30b-2787-9dedf53a4e5d; ki_t=1306535731610%3B1307384133723%3B1307386235995%3B4%3B66; ki_s=32042%3A1.0.0.0; __utmb=199686398.22.10.1307384134; __utmc=199686398
2011-06-06 13:50:36.286 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] Read Request Body!
2011-06-06 13:50:36.286 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] Finished request body 67 bytes!
2011-06-06 13:50:36.286 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] Find context with URI: [/], location: [/var/www/anthem.edu/htdocs/]
2011-06-06 13:50:36.286 [DEBUG] [HTAccess] Updating configuration file [/var/www/anthem.edu/htdocs/wp-admin/.htaccess]
2011-06-06 13:50:36.286 [INFO] [HTAccess] Configuration file [/var/www/anthem.edu/htdocs/wp-admin/.htaccess] changed.
2011-06-06 13:50:36.286 [INFO] [HTAccess] Updating configuration from [/var/www/anthem.edu/htdocs/wp-admin/.htaccess]
2011-06-06 13:50:36.286 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:1] processing direcitve: RewriteEngine on.
2011-06-06 13:50:36.286 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:1] clear existing rewrite rules
2011-06-06 13:50:36.286 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:1] enable rewrite engine: 1
2011-06-06 13:50:36.286 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:3] processing direcitve: <Files ~ "^(admin-ajax.php$">.
2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:4] processing direcitve: Order allow,deny.
2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:5] processing direcitve: Allow from all.
2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:6] processing direcitve: Deny from none.
2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:7] processing direcitve: </Files>.
2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:9] processing direcitve: Order deny,allow.
2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:10] processing direcitve: Deny from all.
2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:14] processing direcitve: AuthType Basic.
2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:15] processing direcitve: AuthName "Restricted Files".
2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:16] processing direcitve: AuthUserFile /var/www/htpasswd/adminpw.
2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:17] processing direcitve: Require user seth.
2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:20] processing direcitve: Satisfy Any.
2011-06-06 13:50:36.287 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] Find .htaccess context with URI: [/wp-admin/], location: [/var/www/anthem.edu/htdocs/wp-admin/]
2011-06-06 13:50:36.287 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] processContextPath() return 0
2011-06-06 13:50:36.287 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] checkAuthentication() return 22
2011-06-06 13:50:36.287 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] processNewReq() return 22. 
2011-06-06 13:50:36.287 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] HttpConnection::sendHttpError(),code=401 Unauthorized
2011-06-06 13:50:36.287 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] HttpConnection::flush()!
2011-06-06 13:50:36.287 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] Written to client: 713
2011-06-06 13:50:36.287 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] HttpConnection::nextRequest()!
2011-06-06 13:50:36.734 [DEBUG] [10.1.252.110:60801-9] HttpIOLink::handleEvents() events=1!
2011-06-06 13:50:36.734 [DEBUG] [10.1.252.110:60801-9] HttpConnection::onReadEx(), state: 0!
2011-06-06 13:50:36.734 [DEBUG] [10.1.252.110:60801-9] readToHeaderBuf(). 
2011-06-06 13:50:36.734 [DEBUG] [10.1.252.110:60801-9] Read from client: 1254
2011-06-06 13:50:36.734 [DEBUG] [10.1.252.110:60801-9] read 1254 bytes to header buffer
2011-06-06 13:50:36.734 [DEBUG] [10.1.252.110:60801-9] processHeader() return 0, header state: 3. 
2011-06-06 13:50:36.734 [DEBUG] [10.1.252.110:60801-9] readToHeaderBuf() return 0.

webizen · #6 06-06-2011, 09:28 PM

Quote:

<Files ~ "^(admin-ajax|comment|edit-comments)\.php$">
Order allow,deny
Allow from all
Deny from none
</Files>

should change to (i.e. ^ should be removed)

Quote:

<Files ~ "(admin-ajax|comment|edit-comments)\.php$">
Order allow,deny
Allow from all
Deny from none
</Files>

niget2002 · #7 06-08-2011, 08:56 AM

We tried removing the carrot, but we are still having problems. Either we set the .htaccess file one way and the login request pops up, or we set it another way and the users have access to the entire directory.

Are there any other settings/config files I can show you to help make sure the system is configured correctly?

NiteWave · #8 06-08-2011, 09:27 AM

how about remove this part:

Quote:

AuthType Basic
AuthName "Restricted Files"
AuthUserFile /var/www/htpasswd/adminpw
Require user seth

webizen · #9 06-08-2011, 06:15 PM

Can you elaborate this? also assume request coming from 10.1.252.*, right?

Quote:

Originally Posted by niget2002

We tried removing the carrot, but we are still having problems. Either we set the .htaccess file one way and the login request pops up, or we set it another way and the users have access to the entire directory.

...