Support » Fixing WordPress » .htaccess blocking people from site

  • Resolved Stocktrading101

    (@stocktrading101)


    When I create a .htaccess file, I set it to Chmod 666, then can change permalinks etc. But, anyone and I mean anyone who tries to access my site gets a login popup. How the heck can I have .htaccess but and at the same time still allow the general public to get to the site without getting some login screen? I don’t understand how I am supposed to create a .htaccess login name + password for every person on earth. Extremely confused!! Thank you so much in advance for the help!

Viewing 8 replies - 1 through 8 (of 8 total)
  • Pizdin Dim

    (@pizdin_dim)

    I just ried accessing your site and I don’t get any login prompt. Are you talking about .htpasswd for usernames/passwords perhaps?

    BTW: Don’t leave your .htaccess at 666. It should be writeable by you, readable by your web server user group and that’s it.

    Samuel B

    (@samboll)

    I accessed your site fine, also.

    If you’re concerned about it, post the contents of your .htaccess. Plenty of folks here can verify it for you.

    Thread Starter Stocktrading101

    (@stocktrading101)

    Thanks for taking the time to reply. I deleted the .htaccess file after no one could access the site. You are promted to type in a username and password once I create the .htaccess file. My question is should this happen, or am I just setting something up wrong?

    When I do have .htaccess up, these are the contents of it:

    AuthType basic
    AuthName “Only for authorized personnel”
    AuthUserFile /hsphere/local/home/r3illc/.htmaster/.ok_user
    Require valid-user

    Again, I do not have .htaccess created right now so you will not get asked for a UN and PW. I don’t understand why everyone gets asked for UN and PW verification…

    Thanks again in advance for the help!

    PS – when .htacess is up, you are first asked for a UN and PW (which only I know), then if u hit cancel the following comes up,

    “This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn’t understand how to supply the credentials required.”

    satoshi

    (@satoshi)

    I don’t know the inner works of the .htaccess very well… but it looks like it’s asking you to be a valid-user. Remember, the .htaccess applies to everything on your server.

    Thread Starter Stocktrading101

    (@stocktrading101)

    “but it looks like it’s asking you to be a valid-user. Remember, the .htaccess applies to everything on your server.”

    Well said and I agree. But then it doesn’t make sense. WordPress recommends having .htaccess to change permalinks, but if everyone is promted for UN and PWs then what good does it do?

    Thread Starter Stocktrading101

    (@stocktrading101)

    anyone?

    Pizdin Dim

    (@pizdin_dim)


    AuthType basic
    AuthName "Only for authorized personnel"
    AuthUserFile /hsphere/local/home/r3illc/.htmaster/.ok_user
    Require valid-user

    You don’t want any of the above in your .htaccess because the four lines are issuing a directive to your web server to prompt for a username/password which is matched against the file specified by the AuthUserFile line.

    You should have them in your admin directory perhaps, to improve security. But not in the root directory of your blog.

    I see that you’re using WP-2, so I can’t help you with permalinks there, but in WP-1.5, WP itself generates the permalinks (in admin) for you which you would then copy and paste into the .htaccess file.

    Thread Starter Stocktrading101

    (@stocktrading101)

    “You don’t want any of the above in your .htaccess because the four lines are issuing a directive to your web server to prompt for a username/password which is matched against the file specified by the AuthUserFile line.”

    Exactly! Ahh it makes so much sense now! I just created .htaccess then edited it and deleted the auth lines, set chmod to 666 and what do you know permalinks are now set and my feed is workin again. I changed the chmod to 660 afterwards and everything is working excellent. I have no idea why I didn’t think of this before! It is as if the light has shined down from the heavens, lol.

    Thanks everyone for the help.

    To the future,

    -Stocktrading101

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘.htaccess blocking people from site’ is closed to new replies.