I cant seem to login to the section i have protected as it keeps asking for the username and password again and again.
I cant see an error but you guys might be able to spot one.
I need help, 5 days i have been trying to find the problem to this crazy error that is stopping me from logging in.


This is what i have:






my htaccess file:

AuthName "Restricted Area"
AuthType Basic
AuthUserFile /var/www/html/downloads/secure/.htpasswd
AuthGroupFile /dev/null
require valid-user



<files .htaccess>
Order allow,deny
Deny from all
</files>

<files .htpasswd>
Order allow,deny
Deny from all
</files>
Click here for screenshot of my htaccess file (http://img62.imageshack.us/img62/9486/access2or.jpg)





This is my .htpasswd file

golf:Zcj.PZxZrKna6
speaker:XVpSFvT.eM89U
Click here for screenshot of my htpasswd file (http://img62.imageshack.us/img62/8035/passwd3vw.jpg)






The .htaccess file and .htpasswd file are both in the folder "secure" below is the route.
This is my route: /var/www/html/downloads/secure

So as you can see i am protecting the "secure" section.
It keeps asking me for the username and password all the time.
The username is golf and the password is laser but it never seems to work.

I have the permissions set to:

secure folder: owner:read/write/exe | group: read/exe | others: read/exe
htaccess: owner: read/write group: read other: read
htpasswd: owner: read/write group: read other: read

Click here for screenshots of my permissions (http://img62.imageshack.us/img62/1626/image9jq.jpg)

what do you think?
do i need to put my domain name anywhere?

i saved the htaccess and htpasswd in notepad then uploaded it to the server as .htaccess and .htpasswd

Try it without the

<files .htaccess>
Order allow,deny
Deny from all
</files>

<files .htpasswd>
Order allow,deny
Deny from all
</files>


That should already be setup in your httpd.conf file. Should be...
Users should get an error like this if they try to access your .htaccess or .htpasswd files:


Forbidden
You don't have permission to access /downloads/secure/.htaccess on this server.

Thanks for replying, i just tried that and still cant login,

any other ideas?

The only other thing I can think of is to make sure your paths are correct to:
/var/www/html/downloads/secure/.htpasswd

And double check permissions on .htaccess and .htpasswd

It may be that the server requires an index page ie: index.php, index.htm, etc etc.

I have ssh access to my servers so I have it easy when setting up protected directories. It's easier for me to fire up vi and create a access file and then run htpasswd to create the .htpasswd file. I have never had to create the .htpasswd file in a text editor.

Nice guide: http://www.mike.eclipse.co.uk/htaccess/index.html

thanks for replying.

I have contacted my host and they say this:

There are two ways for password protected directories:

I) Through "Web protects directories" in the control panel:
For "web protect a directory" you should have the FrontPage extension disabled first and that is the thing that only can be done from our end and we need a confirmation by the last 4 digits of the credit card.
B- After disabling the front page extension you need to go to "Web protect directory" under your control panel and there you need to create a group.
C- After creating a group you should create users belonging to those groups.
D- After that simply click on the folder you want to protect on the list that appears and you can lock that folder to be accessible only by a certain group.
There is a useful link if you want to do all the above steps manually:


so there is hope for me