Support » Plugin: AskApache Password Protect » [Plugin: AskApache Password Protect] all is correctly installed but prompt with password isn't

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author askapache

    (@askapache)

    Your blogroot .htaccess file should have something similar to:

    <Files wp-login.php>
    Satisfy Any
    AuthType Digest
    AuthName "Protected by AskApache"
    AuthDigestDomain /wp-admin/ https://www.askapache.com/wp-admin/ https://www.askapache.com/wp-login.php
    AuthUserFile /home/askapache-mirror4/.htpasswd
    Require user gravedigger
    </Files>

    There is no way to view wp-login.php over remote http(s) unless you login… so there is no way the prompt wouldnt appear (unless you already logged in, logins are cached by all browsers until the browser is closed).

    I think the sneakiest problem is all these webhosts don’t have errordocuments setup by default… which is truly amazingly bad. Another amazing problem I hear sometimes is that some hosts using various servers that are not always apache are saving money by only updating the server config from a directory-context .htaccess file once an hour, or longer!

    Make sure you have setup LOCAL errordocuments (in your blogroot .htaccess)..

    ErrorDocument 401 /errordocs/401.html
    ErrorDocument 403 /wp-content/403.html
    
    # this just guarantees they will use the right status code,  may need.
    #Redirect 401 /errordocs/401.html
    #Redirect 403 /wp-content/403.html

    An example 401 is @askapache.com/show-error-401/, an example 403 is @askapache.com/show-error-403/, actually all 53 errordocuments.

    Plugin Author askapache

    (@askapache)

    Does your AuthDigestDomain include / or wp-login.php? I changed the current version to not be as clear on that. Check httpd.apache.org

    askapache thanks a lot for answering so fast….
    I’m going to become crazy !!
    I checked out my root .htaccess and all seem to be allright :

    <Files wp-login.php>
    Satisfy Any
    AuthType Digest
    AuthName "Protected By AskApache"
    AuthDigestDomain /wp-admin/ https://www.mysite.com/wp-admin https://www.mysite.com/wp-login.php
    AuthUserFile /home/mysite/.htpasswd
    Require valid-user
    </Files>

    I still can access to wp-config.php without any prompt… this is very frustrating…
    I place an “Order allow,deny” in the htaccess in order to see how it responds, and immediately it deny access for the whole site…
    I also placed 401 and 403 files but .. nothing !

    I really don’t understand what happens…sure I’m doing something wrong and very stupid but what ???

    I just asked a minute ago to my hoster if it does any delay in order to take in count the htaccess command but it doesn’t.. still convinced there’s something wrong but what… that’s the BIG question

    thanks

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘[Plugin: AskApache Password Protect] all is correctly installed but prompt with password isn't’ is closed to new replies.