.htaccess on Linux with CPANEL & WHM - GoFuckYourself.com

SandraB · 07-04-2003, 04:18 PM

Why are all our .htaccess files ignored on this system? What could cause the problem and where can I fix it?

Lill2rich4u2 · 07-04-2003, 04:25 PM

suck a cock

Bucho · 07-04-2003, 04:26 PM

we have a few servers with cpanel - and .htaccess is working just fine on them...
You can try to ask on Rackshack's cpanel forums:
http://forum.rackshack.net/forumdisp...?s=&forumid=44

they will help you out - normally quite fast (even if you are not a RS client)

easyjesus · 07-04-2003, 04:26 PM

http://forum.rackshack.net <-- has the answers and alot of brilliant, howto's !

SandraB · 07-04-2003, 04:27 PM

Are there no Linux gurus here?

Thanks Lill2rich4u2 .... Very mature verbal masturbation...!

Lill2rich4u2 · 07-04-2003, 04:28 PM

Quote:

Originally posted by SandraB
Are there no Linux gurus here?

Thanks Lill2rich4u2 .... Very mature verbal masturbation...!

bitch

SandraB · 07-04-2003, 04:29 PM

Thanks Bucho and easyjesus ... I Should have used that in the first place. Didn't think about at the time. Thanks a lot though and a very good and prosporus week-end.

Juicy D. Links · 07-04-2003, 04:30 PM

Sandra,
Go into cpanel and hit the hotlink protection button if you want to add any domains.

You can also add stuff manually to the .htaccess file in your root post what you have so I can see

Bucho · 07-04-2003, 04:30 PM

Quote:

Originally posted by SandraB
Are there no Linux gurus here?

plenty of linux guys here im sure - you would need to be a bit more specific in describing your problem though

SandraB · 07-04-2003, 04:36 PM

Okey ... I'll try to describe the problem.

We have moved our sites from one server to a new server.

Let's say that we have this structure.

/public_html/members/.htaccess
Which says where to fetch the .htpasswd file.

The problem is that the the folder just stays open!

Could the problem be found in the httpd.conf for Apache or is it more simple.

SandraB · 07-04-2003, 04:40 PM

Quote:

Originally posted by juicylinks
Sandra,
Go into cpanel and hit the hotlink protection button if you want to add any domains.

You can also add stuff manually to the .htaccess file in your root post what you have so I can see

Here you go :

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://worldpeace.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.worldpeace.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://xxx.xxx.xxx.xx/.*$ [NC]
RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ http://www.worldpeace.com [R,NC]

Fuckin Bill · 07-04-2003, 05:10 PM

It .htaccess working on the server at all? or just not working for you in this one directory?

First thing you should do is check your apache configurations and make sure directories are set to allow overrides. If that option is not turned on, apache will only follow directives in the main config file and will ignore and .htaccess files.

Mr.Fiction · 07-04-2003, 05:27 PM

mephisto · 07-04-2003, 06:10 PM

try this. type some random garbage in the htaccess. try to surf to the folder. if you don't get a 500 error. your server is ignoring your htaccess.
if this the case, indicate it here and we can go on diagnosing the problem from there or paste your httpd.conf and htaccess and someone here can fix it for you.

SandraB · 07-04-2003, 06:22 PM

Quote:

Originally posted by mephisto
try this. type some random garbage in the htaccess. try to surf to the folder. if you don't get a 500 error. your server is ignoring your htaccess.
if this the case, indicate it here and we can go on diagnosing the problem from there or paste your httpd.conf and htaccess and someone here can fix it for you.

It doesen't do the trick - Unfortunatly. The .htaccess file is protected from surfers ie. they can't see the file. But it does not do the commands they are supposed to

p00p · 07-04-2003, 06:27 PM

Try adding this to your .htaccess file

AuthPAM Enabled off

or try it with AuthPAM Enabled on

Or maybe mod_auth isn't installed?

p00p · 07-04-2003, 06:32 PM

Try this one with no brackets
If you have Limit tags in brackets, don't use them...just copy and paste what I typed below. No brackets of any kind!

AuthUserFile /home/path/to/.htpasswd
AuthGroupFile /dev/null
AuthName "Member Area"
AuthType Basic

require valid-user

SandraB · 07-04-2003, 06:35 PM

Quote:

Originally posted by p00p
Try adding this to your .htaccess file
AuthPAM Enabled off
or try it with AuthPAM Enabled on
Or maybe mod_auth isn't installed?

I did try with both AuthPAM Enabled off and on witout luck.
AddModule mod_auth.c is installed.

Could it be somthing with cpanel and some conf file ... maybe httpd.conf for apache?

SandraB · 07-04-2003, 06:38 PM

Quote:

Originally posted by p00p
Try this one with no brackets
If you have Limit tags in brackets, don't use them...just copy and paste what I typed below. No brackets of any kind!

AuthUserFile /home/path/to/.htpasswd
AuthGroupFile /dev/null
AuthName "Member Area"
AuthType Basic

require valid-user

It still ignores all .htaccess files. The problem probably lies in some config file. I'm not at all a Linux guru - far from..

mephisto · 07-04-2003, 06:40 PM

Quote:

Originally posted by SandraB

It doesen't do the trick - Unfortunatly. The .htaccess file is protected from surfers ie. they can't see the file. But it does not do the commands they are supposed to

i know that what I meant was try going to the folder. if apache gets pissy and gives you an error. it means it sees the htaccess file. its just a test to see if it at all is parsing the htaccess file.

SandraB · 07-04-2003, 06:47 PM

Quote:

Originally posted by mephisto

i know that what I meant was try going to the folder. if apache gets pissy and gives you an error. it means it sees the htaccess file. its just a test to see if it at all is parsing the htaccess file.

I testet that but it didn't work. I got no Internal Server Error - Error 500.

Apache will not do the commands that are written in the .htaccess file.

mephisto · 07-04-2003, 06:55 PM

the you have something in your httpd.conf that says something like

<Directory "/" >
Allowoverride None

</Directory>

see that "none" part thats whats causing the trouble.
make sure its only set for the right directory. if you have a section like the one above change the allowoverride none to Allowoverride Authconfig

that should work. drop a post if it helps or error messages if it doesnt.

directfiesta · 07-04-2003, 06:59 PM

Obviously, the apache httpd config file is not configured properly.

( FYI, I run a few sites on a dedicated box with Linux, Cpanel and WHM. Never had to do anything there.

In the httpd, about 1/4 down:

AllowOverride AuthConfig

In the httpd, about 1/3 down, you have to un # this line:

AccessFilename .htaccess

Post more info: dedicated or virtual ( could make a difference).

With a proper htaccess, does the directory request make the login box to pop-up?

SandraB · 07-04-2003, 07:13 PM

Quote:

Originally posted by mephisto
the you have something in your httpd.conf that says something like

<Directory "/" >
Allowoverride None

</Directory>

see that "none" part thats whats causing the trouble.
make sure its only set for the right directory. if you have a section like the one above change the allowoverride none to Allowoverride Authconfig

that should work. drop a post if it helps or error messages if it doesnt.

Mine was set to Allowoverride Limit and I changed it restarted Apache and it did not help. This is really strange.

SandraB · 07-04-2003, 07:18 PM

Quote:

Originally posted by directfiesta
Obviously, the apache httpd config file is not configured properly.

( FYI, I run a few sites on a dedicated box with Linux, Cpanel and WHM. Never had to do anything there.

In the httpd, about 1/4 down:

AllowOverride AuthConfig

In the httpd, about 1/3 down, you have to un # this line:

AccessFilename .htaccess

Post more info: dedicated or virtual ( could make a difference).

With a proper htaccess, does the directory request make the login box to pop-up?

It is a dedicated box v/ cpanel and WHM.
AllowOverride AuthConfig
and
AccessFilename .htaccess
are both active

I don't even get a login box. when trying to enter a dir that has .htaccess in it. The .htaccess is though being hidden as it should.

SandraB · 07-04-2003, 07:24 PM

Here is a piece of my Apache's httpd.conf

# This should be changed to whatever you set DocumentRoot to.
#
<Directory "/usr/local/apache/htdocs">
#
# This may also be "None", "All", or any combination of "Indexes",
# "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
Options Indexes FollowSymLinks MultiViews
#
# This controls which options the .htaccess files in directories can
# override. Can also be "All", or any combination of "Options", "FileInfo",
# "AuthConfig", and "Limit"
#
AllowOverride AuthConfig
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
</Directory>
#
# UserDir: The name of the directory which is appended onto a user's home
# directory if a ~user request is received.
#
<IfModule mod_userdir.c>
UserDir public_html
</IfModule>
#
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
#
#<Directory /home/*/public_html>
# AllowOverride FileInfo AuthConfig Limit
# Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
# <Limit GET POST OPTIONS PROPFIND>
# Order allow,deny
# Allow from all
# </Limit>
# <LimitExcept GET POST OPTIONS PROPFIND>
# Order deny,allow
# Deny from all
# </LimitExcept>
#</Directory>

#
# DirectoryIndex: Name of the file or files to use as a pre-written HTML
# directory index. Separate multiple entries with spaces.
#
<IfModule mod_dir.c>
DirectoryIndex index.html index.wml index.cgi index.shtml index.jsp index.js index.jp index.php4 index.php3 index.php index.phtml index.htm default.htm default.html home.htm
</IfModule>

#
# AccessFileName: The name of the file to look for in each directory
# for access control information.
#
AccessFileName .htaccess

#
# The following lines prevent .htaccess files from being viewed by
# Web clients. Since .htaccess files often contain authorization
# information, access is disallowed for security reasons. Comment
# these lines out if you want Web visitors to see the contents of
# .htaccess files. If you change the AccessFileName directive above,
# be sure to make the corresponding changes here.
#
# Also, folks tend to use names such as .htpasswd for password
# files, so this will protect those as well.
#
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</Files>

mephisto · 07-04-2003, 07:39 PM

kick me but i dont see anything wrong. maybe i am just sleepy....

try with Allowoverride All....
see if that gets any action out of the htaccess

or make a new
<directory> </directory> section for the directory that you are trying to protect and set it to allowoverride authconfig and see how it works out.

SandraB · 07-04-2003, 07:49 PM

I have tried to set

Allowoverride All

but with no luck eighter.

I have also tried it in several directories but it all says the same. No error message and no activity from the .htaccess files.

It is probably some little thing that is eady to solve but not easy to find.

I hope I'll be able to solve it tomorrow.

directfiesta · 07-04-2003, 07:55 PM

I agree with Mephisto: your config should work.

One thing tough, it that domain setup as a virtual domain, and if so would you have a conf file overriding the default one?

I will check this in 15 minutes... getting my cat in the garden.

SandraB · 07-05-2003, 06:14 AM

I found the problem under..

<Directory "/home">

AllowOverride None

I changed the
AllowOverride None to AllowOverride All

It works now.

I would like to thank all of you for helping me. I really appriciated it.

Wisht you all a good week-end.

-Sandra

JDog · 07-05-2003, 06:22 AM

Quote:

Originally posted by SandraB

It still ignores all .htaccess files. The problem probably lies in some config file. I'm not at all a Linux guru - far from..

yea sounds like it is a conf file problem. I could be using a custom name for the .htaccess file. you'll have to contact your hosting company themselves!

jDoG

SandraB · 07-05-2003, 06:25 AM

Quote:

Originally posted by JDog

yea sounds like it is a conf file problem. I could be using a custom name for the .htaccess file. you'll have to contact your hosting company themselves!

jDoG

I solved the problem

It just took some time and I've learned a little more now

Juicy D. Links · 07-05-2003, 08:01 AM

Sandra hit me on icq 116999839 if you need some help with cpanel

SandraB · 07-05-2003, 05:01 PM

Quote:

Originally posted by juicylinks
Sandra hit me on icq 116999839 if you need some help with cpanel

I unfortunately don't use ICQ but you are welcome to tell me why my server dosen't allow .cgi and .pl scripts.

The problem probably lies somwhare in the Apache httpd.conf file but I don't really know where.

07-04-2003, 04:18 PM	#1
SandraB Confirmed User Join Date: Dec 2002 Location: Neverland Posts: 147	.htaccess on Linux with CPANEL & WHM Why are all our .htaccess files ignored on this system? What could cause the problem and where can I fix it? __________________ Click here to buy Great content in all niches!

07-04-2003, 04:26 PM	#3
Bucho Confirmed User Join Date: May 2003 Posts: 578	we have a few servers with cpanel - and .htaccess is working just fine on them... You can try to ask on Rackshack's cpanel forums: http://forum.rackshack.net/forumdisp...?s=&forumid=44 they will help you out - normally quite fast (even if you are not a RS client) __________________ ICQ: 4646141

07-04-2003, 04:26 PM	#4
easyjesus Confirmed User Join Date: Mar 2002 Location: Ft Worth TX Posts: 291	http://forum.rackshack.net <-- has the answers and alot of brilliant, howto's ! __________________ Loved By Some, Hated By Most.... <a href="http://www.unclejimsporn.com">http://www.unclejimsporn.com</a> <a href="http://www.cousindirty.com">http://www.cousindirty.com</a> <a href="http://www.drunkspringbreakchics.com">http://www.drunkspringbreakchics.com</a>

07-04-2003, 04:27 PM	#5
SandraB Confirmed User Join Date: Dec 2002 Location: Neverland Posts: 147	Are there no Linux gurus here? Thanks Lill2rich4u2 .... Very mature verbal masturbation...! __________________ Click here to buy Great content in all niches!

07-04-2003, 04:29 PM	#7
SandraB Confirmed User Join Date: Dec 2002 Location: Neverland Posts: 147	Thanks Bucho and easyjesus ... I Should have used that in the first place. Didn't think about at the time. Thanks a lot though and a very good and prosporus week-end. __________________ Click here to buy Great content in all niches!

07-04-2003, 04:25 PM	#2
Lill2rich4u2 So Fucking Banned Join Date: Jun 2003 Posts: 53	suck a cock

07-04-2003, 04:30 PM	#8
Juicy D. Links So Fucking Banned Industry Role: Join Date: Apr 2001 Location: N.Y. -Long Island -- Posts: 122,992	Sandra, Go into cpanel and hit the hotlink protection button if you want to add any domains. You can also add stuff manually to the .htaccess file in your root post what you have so I can see

07-04-2003, 04:36 PM	#10
SandraB Confirmed User Join Date: Dec 2002 Location: Neverland Posts: 147	Okey ... I'll try to describe the problem. We have moved our sites from one server to a new server. Let's say that we have this structure. /public_html/members/.htaccess Which says where to fetch the .htpasswd file. The problem is that the the folder just stays open! Could the problem be found in the httpd.conf for Apache or is it more simple. __________________ Click here to buy Great content in all niches!

07-04-2003, 05:10 PM	#12
Fuckin Bill Confirmed User Join Date: Feb 2003 Posts: 1,020	It .htaccess working on the server at all? or just not working for you in this one directory? First thing you should do is check your apache configurations and make sure directories are set to allow overrides. If that option is not turned on, apache will only follow directives in the main config file and will ignore and .htaccess files.

07-04-2003, 05:27 PM	#13
Mr.Fiction Confirmed User Join Date: Feb 2002 Location: Free Speech Land Posts: 9,484

07-04-2003, 06:10 PM	#14
mephisto Registered User Join Date: Oct 2002 Posts: 60	try this. type some random garbage in the htaccess. try to surf to the folder. if you don't get a 500 error. your server is ignoring your htaccess. if this the case, indicate it here and we can go on diagnosing the problem from there or paste your httpd.conf and htaccess and someone here can fix it for you. __________________ Seek freedom and become captive of your desires. Seek discipline and find your liberty. AB-Arun

07-04-2003, 06:27 PM	#16
p00p Confirmed User Join Date: Dec 2002 Location: CanaDUH Posts: 5,125	Try adding this to your .htaccess file AuthPAM Enabled off or try it with AuthPAM Enabled on Or maybe mod_auth isn't installed? __________________ ICQ: 316365783 <a href="http://www.hostultra.com/~p00p" target="_blank">TEST</a>

07-04-2003, 06:32 PM	#17
p00p Confirmed User Join Date: Dec 2002 Location: CanaDUH Posts: 5,125	Try this one with no brackets If you have Limit tags in brackets, don't use them...just copy and paste what I typed below. No brackets of any kind! AuthUserFile /home/path/to/.htpasswd AuthGroupFile /dev/null AuthName "Member Area" AuthType Basic require valid-user __________________ ICQ: 316365783 <a href="http://www.hostultra.com/~p00p" target="_blank">TEST</a>

07-04-2003, 06:55 PM	#22
mephisto Registered User Join Date: Oct 2002 Posts: 60	the you have something in your httpd.conf that says something like <Directory "/" > Allowoverride None </Directory> see that "none" part thats whats causing the trouble. make sure its only set for the right directory. if you have a section like the one above change the allowoverride none to Allowoverride Authconfig that should work. drop a post if it helps or error messages if it doesnt. __________________ Seek freedom and become captive of your desires. Seek discipline and find your liberty. AB-Arun

07-04-2003, 06:59 PM	#23
directfiesta Too lazy to set a custom title Industry Role: Join Date: Oct 2002 Location: Punta Cana, DR Posts: 29,929	Obviously, the apache httpd config file is not configured properly. ( FYI, I run a few sites on a dedicated box with Linux, Cpanel and WHM. Never had to do anything there. In the httpd, about 1/4 down: AllowOverride AuthConfig In the httpd, about 1/3 down, you have to un # this line: AccessFilename .htaccess Post more info: dedicated or virtual ( could make a difference). With a proper htaccess, does the directory request make the login box to pop-up? __________________ I know that Asspimple is stoopid ... As he says, it is a FACT ! But I can't figure out how he can breathe or type , at the same time ....

07-04-2003, 07:24 PM	#26
SandraB Confirmed User Join Date: Dec 2002 Location: Neverland Posts: 147	Here is a piece of my Apache's httpd.conf # This should be changed to whatever you set DocumentRoot to. # <Directory "/usr/local/apache/htdocs"> # # This may also be "None", "All", or any combination of "Indexes", # "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews". # Note that "MultiViews" must be named explicitly --- "Options All" # doesn't give it to you. # Options Indexes FollowSymLinks MultiViews # # This controls which options the .htaccess files in directories can # override. Can also be "All", or any combination of "Options", "FileInfo", # "AuthConfig", and "Limit" # AllowOverride AuthConfig # # Controls who can get stuff from this server. # Order allow,deny Allow from all </Directory> # # UserDir: The name of the directory which is appended onto a user's home # directory if a ~user request is received. # <IfModule mod_userdir.c> UserDir public_html </IfModule> # # Control access to UserDir directories. The following is an example # for a site where these directories are restricted to read-only. # #<Directory /home//public_html> # AllowOverride FileInfo AuthConfig Limit # Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec # <Limit GET POST OPTIONS PROPFIND> # Order allow,deny # Allow from all # </Limit> # <LimitExcept GET POST OPTIONS PROPFIND> # Order deny,allow # Deny from all # </LimitExcept> #</Directory> # # DirectoryIndex: Name of the file or files to use as a pre-written HTML # directory index. Separate multiple entries with spaces. # <IfModule mod_dir.c> DirectoryIndex index.html index.wml index.cgi index.shtml index.jsp index.js index.jp index.php4 index.php3 index.php index.phtml index.htm default.htm default.html home.htm </IfModule> # # AccessFileName: The name of the file to look for in each directory # for access control information. # AccessFileName .htaccess # # The following lines prevent .htaccess files from being viewed by # Web clients. Since .htaccess files often contain authorization # information, access is disallowed for security reasons. Comment # these lines out if you want Web visitors to see the contents of # .htaccess files. If you change the AccessFileName directive above, # be sure to make the corresponding changes here. # # Also, folks tend to use names such as .htpasswd for password # files, so this will protect those as well. # <Files ~ "^\.ht"> Order allow,deny Deny from all Satisfy All </Files> __________________ Click here to buy Great content in all niches!*

07-04-2003, 07:39 PM	#27
mephisto Registered User Join Date: Oct 2002 Posts: 60	kick me but i dont see anything wrong. maybe i am just sleepy.... try with Allowoverride All.... see if that gets any action out of the htaccess or make a new <directory> </directory> section for the directory that you are trying to protect and set it to allowoverride authconfig and see how it works out. __________________ Seek freedom and become captive of your desires. Seek discipline and find your liberty. AB-Arun

07-04-2003, 07:49 PM	#28
SandraB Confirmed User Join Date: Dec 2002 Location: Neverland Posts: 147	I have tried to set Allowoverride All but with no luck eighter. I have also tried it in several directories but it all says the same. No error message and no activity from the .htaccess files. It is probably some little thing that is eady to solve but not easy to find. I hope I'll be able to solve it tomorrow. __________________ Click here to buy Great content in all niches!

07-04-2003, 07:55 PM	#29
directfiesta Too lazy to set a custom title Industry Role: Join Date: Oct 2002 Location: Punta Cana, DR Posts: 29,929	I agree with Mephisto: your config should work. One thing tough, it that domain setup as a virtual domain, and if so would you have a conf file overriding the default one? I will check this in 15 minutes... getting my cat in the garden. __________________ I know that Asspimple is stoopid ... As he says, it is a FACT ! But I can't figure out how he can breathe or type , at the same time ....

07-05-2003, 06:14 AM	#30
SandraB Confirmed User Join Date: Dec 2002 Location: Neverland Posts: 147	I found the problem under.. <Directory "/home"> AllowOverride None I changed the AllowOverride None to AllowOverride All It works now. I would like to thank all of you for helping me. I really appriciated it. Wisht you all a good week-end. -Sandra __________________ Click here to buy Great content in all niches!

07-05-2003, 08:01 AM	#33
Juicy D. Links So Fucking Banned Industry Role: Join Date: Apr 2001 Location: N.Y. -Long Island -- Posts: 122,992	Sandra hit me on icq 116999839 if you need some help with cpanel