Problems with an .htaccess file

Discussion in 'Install/Configuration' started by niget2002, Jun 2, 2011.

  1. niget2002

    niget2002 New Member

    We have an .htaccess file that is supposed to limit access to the directory to all but one file. The code is as below. The htacces file gets loaded by LiteSpeed, but when you try to access the one page, it still asks for a login.

    Any ideas?

    Code:
    Options +FollowSymLinks
    
    RewriteEngine on
    
    <Files ~ "^(admin-ajax|comment|edit-comments)\.php$">
            Order allow,deny
            Allow from all
            Deny from none
    </Files>
    
    Order deny,allow
    Deny from all
    Allow from 216.143.120.128/28
    Allow from 10.1.252.0/23
    
    AuthType Basic
    AuthName "Restricted Files"
    AuthUserFile /var/www/htpasswd/adminpw
    Require user seth
    
    
  2. webizen

    webizen New Member

    Try
    Code:
    
    RewriteEngine on
    
    <Files ~ "^(admin-ajax|comment|edit-comments)\.php$">
            Order allow,deny
            Allow from all
            Deny from none
    </Files>
    
    Order deny,allow
    Deny from all
    Allow from 216.143.120.128/28
    Allow from 10.1.252.0/23
    
    AuthType Basic
    AuthName "Restricted Files"
    AuthUserFile /var/www/htpasswd/adminpw
    Require user seth
    
    # just add this line
    Satisfy Any
    
    Last edited: Jun 2, 2011
  3. niget2002

    niget2002 New Member

    That doesn't seem to be working. After doing a graceful restart, the system is still asking for a login. I verified from a second browser.
  4. webizen

    webizen New Member

    enable debug logging (admin console -> configuration -> server -> log):
    Log Level: DEBUG
    Debug Level: HIGH

    and check error.log
  5. niget2002

    niget2002 New Member

    I grabbed what I believe to be the relevent part of the log. Please let me know if you need to see more:

    Code:
    2011-06-06 13:50:36.286 [NOTICE] [10.1.252.110:60806-7#APVH_anthem.edu] Content len: 67, Request line: 'POST /wp-admin/admin-ajax.php HTTP/1.1'
    2011-06-06 13:50:36.286 [INFO] [10.1.252.110:60806-7#APVH_anthem.edu] Cookie len: 662, WRUID=0; __utma=199686398.174548130.1300911089.1307041428.1307384134.39; __utmz=199686398.1304370020.21.3.utmcsr=anthemcollege.edu|utmccn=(referral)|utmcmd=referral|utmcct=/; wooTracker=2YZCG37OZ4CKL99MA27YVG4AH8ULNFJZ; wooMeta=NTgwMCYxJjAmNiYxMzAxOTM0MDk1OTQ3JjEzMDE5MzQwOTU5NDcmJjEwMCYmNTAwMDk0JiYmJg==; wm_AnthemEdGroup=1302276569687; _jsuid=8954811145343952407; is_returning=1; wp-settings-4=m9%3Dc%26m10%3Do%26m11%3Do%26m13%3Do%26m14%3Do%26m16%3Do; wp-settings-time-4=1305031844; ki_u=04f5e341-96d4-f30b-2787-9dedf53a4e5d; ki_t=1306535731610%3B1307384133723%3B1307386235995%3B4%3B66; ki_s=32042%3A1.0.0.0; __utmb=199686398.22.10.1307384134; __utmc=199686398
    2011-06-06 13:50:36.286 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] Read Request Body!
    2011-06-06 13:50:36.286 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] Finished request body 67 bytes!
    2011-06-06 13:50:36.286 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] Find context with URI: [/], location: [/var/www/anthem.edu/htdocs/]
    2011-06-06 13:50:36.286 [DEBUG] [HTAccess] Updating configuration file [/var/www/anthem.edu/htdocs/wp-admin/.htaccess]
    2011-06-06 13:50:36.286 [INFO] [HTAccess] Configuration file [/var/www/anthem.edu/htdocs/wp-admin/.htaccess] changed.
    2011-06-06 13:50:36.286 [INFO] [HTAccess] Updating configuration from [/var/www/anthem.edu/htdocs/wp-admin/.htaccess]
    2011-06-06 13:50:36.286 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:1] processing direcitve: RewriteEngine on.
    2011-06-06 13:50:36.286 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:1] clear existing rewrite rules
    2011-06-06 13:50:36.286 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:1] enable rewrite engine: 1
    2011-06-06 13:50:36.286 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:3] processing direcitve: <Files ~ "^(admin-ajax.php$">.
    2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:4] processing direcitve: Order allow,deny.
    2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:5] processing direcitve: Allow from all.
    2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:6] processing direcitve: Deny from none.
    2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:7] processing direcitve: </Files>.
    2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:9] processing direcitve: Order deny,allow.
    2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:10] processing direcitve: Deny from all.
    2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:14] processing direcitve: AuthType Basic.
    2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:15] processing direcitve: AuthName "Restricted Files".
    2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:16] processing direcitve: AuthUserFile /var/www/htpasswd/adminpw.
    2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:17] processing direcitve: Require user seth.
    2011-06-06 13:50:36.287 [DEBUG] [/var/www/anthem.edu/htdocs/wp-admin/.htaccess:20] processing direcitve: Satisfy Any.
    2011-06-06 13:50:36.287 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] Find .htaccess context with URI: [/wp-admin/], location: [/var/www/anthem.edu/htdocs/wp-admin/]
    2011-06-06 13:50:36.287 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] processContextPath() return 0
    2011-06-06 13:50:36.287 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] checkAuthentication() return 22
    2011-06-06 13:50:36.287 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] processNewReq() return 22. 
    2011-06-06 13:50:36.287 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] HttpConnection::sendHttpError(),code=401 Unauthorized
    2011-06-06 13:50:36.287 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] HttpConnection::flush()!
    2011-06-06 13:50:36.287 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] Written to client: 713
    2011-06-06 13:50:36.287 [DEBUG] [10.1.252.110:60806-7#APVH_anthem.edu] HttpConnection::nextRequest()!
    2011-06-06 13:50:36.734 [DEBUG] [10.1.252.110:60801-9] HttpIOLink::handleEvents() events=1!
    2011-06-06 13:50:36.734 [DEBUG] [10.1.252.110:60801-9] HttpConnection::onReadEx(), state: 0!
    2011-06-06 13:50:36.734 [DEBUG] [10.1.252.110:60801-9] readToHeaderBuf(). 
    2011-06-06 13:50:36.734 [DEBUG] [10.1.252.110:60801-9] Read from client: 1254
    2011-06-06 13:50:36.734 [DEBUG] [10.1.252.110:60801-9] read 1254 bytes to header buffer
    2011-06-06 13:50:36.734 [DEBUG] [10.1.252.110:60801-9] processHeader() return 0, header state: 3. 
    2011-06-06 13:50:36.734 [DEBUG] [10.1.252.110:60801-9] readToHeaderBuf() return 0. 
    
  6. webizen

    webizen New Member

    should change to (i.e. ^ should be removed)
  7. niget2002

    niget2002 New Member

    We tried removing the carrot, but we are still having problems. Either we set the .htaccess file one way and the login request pops up, or we set it another way and the users have access to the entire directory.

    Are there any other settings/config files I can show you to help make sure the system is configured correctly?
  8. NiteWave

    NiteWave Administrator

    how about remove this part:
  9. webizen

    webizen New Member

    Can you elaborate this? also assume request coming from 10.1.252.*, right?

Share This Page