Password Files in Certain Directories

Flanders · 16 Nov 2006 at 13:09

I have some PDF's in a few different directories on my web site and I dont really want all and sundry being able to access them. I thought it would be simple enough to do with .htaccess but I'm having numerous problems. I have tried using the wizard through TSO Host's control panel, and I have also tried writing my own, but neither seem to work. Once set up, when I try to access the directory, I just get a 404, rather than the passowrd box.

Here is the code I'm using in the .htaccess:

Code:

AuthType Basic

AuthName "Restricted Area"

AuthUserFile "/home/usr/.htpasswds/pdfs/passwd"

require valid-user

Then the encripted password is in .passwd. I have used this method loads of times, and never encountered any problems, am I missing something really basic? If someone could shed some light on this problem I would be extremely grateful.

LazyManc · 16 Nov 2006 at 15:28

Flanders said:
I have some PDF's in a few different directories on my web site and I dont really want all and sundry being able to access them. I thought it would be simple enough to do with .htaccess but I'm having numerous problems. I have tried using the wizard through TSO Host's control panel, and I have also tried writing my own, but neither seem to work. Once set up, when I try to access the directory, I just get a 404, rather than the passowrd box.

Here is the code I'm using in the .htaccess:

Code:

AuthType Basic AuthName "Restricted Area" AuthUserFile "/home/usr/.htpasswds/pdfs/passwd" require valid-user

Then the encripted password is in .passwd. I have used this method loads of times, and never encountered any problems, am I missing something really basic? If someone could shed some light on this problem I would be extremely grateful.

This is just a complete guess as I've never used them but should it be

Code:

AuthUserFile "/home/usr/htpasswds/pdfs/.passwd"

Flanders · 17 Nov 2006 at 12:12

LazyManc said:
This is just a complete guess as I've never used them but should it be

Code:

AuthUserFile "/home/usr/htpasswds/pdfs/.passwd"

Thanks, but that didnt seem to do the trick, I'm pretty sure the code I posted is right, it just doesnt want to work.

Are there any alternatives, could I use PHP/ASP, even though the directories that contain the PFDs dont actually have any pages in them?

toosepin · 17 Nov 2006 at 15:54

Why not have Index file listing on but hide the PDFs from being displayed.

Code:

Options +Indexes
IndexIgnore *.pdf

I know it's not secure - but who's going to make the effort to look for a PDF when it isn't listed.

Dolly · 19 Nov 2006 at 11:00

delete sorry

EDIT:

That will teach me to have 2 threads open at once...

Flanders · 21 Nov 2006 at 16:57

toosepin said:
Why not have Index file listing on but hide the PDFs from being displayed.

Code:

Options +Indexes IndexIgnore *.pdf

I know it's not secure - but who's going to make the effort to look for a PDF when it isn't listed.

Unfortunately, there are certain people who need access to the PDF's, hence the username/password requirement.

Thanks anyway