From nobody@hyperreal.com Wed Apr 16 01:49:42 1997 Received: (from nobody@localhost) by hyperreal.com (8.8.4/8.8.4) id BAA11196; Wed, 16 Apr 1997 01:49:42 -0700 (PDT) Message-Id: <199704160849.BAA11196@hyperreal.com> Date: Wed, 16 Apr 1997 01:49:42 -0700 (PDT) From: Klemens Krause Reply-To: Klemens.Krause@informatik.uni-stuttgart.de To: apbugs@hyperreal.com Subject: htpasswd error / misconfiguration error X-Send-Pr-Version: 3.2 >Number: 401 >Category: config >Synopsis: htpasswd error / misconfiguration error >Confidential: no >Severity: serious >Priority: medium >Responsible: apache >State: closed >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Wed Apr 16 01:50:01 1997 >Last-Modified: Thu Apr 17 01:41:22 PDT 1997 >Originator: Klemens.Krause@informatik.uni-stuttgart.de >Organization: >Release: 1.1.3 >Environment: Debian Linux 2.0.27 on a 200 MHz hp Vectra >Description: Hi we tried to establish a password protected access in one subtree of our www pages. The apache is installed by dinstall and running well, so we wanted to add the password protection. 1. I modified access.conf 2. I inserted .htaccess in my own homepage (for using it while experimenting) 3. I created a .htpasswd by using htpasswd 4. I sent a SIGUP to the apache process 5. I tried to access my homepage and got an error message. Here is a protocol of the actions we did: Part of our access.conf in /etc/apache: # access.conf: Global access configuration # Online docs at http://www.apache.org/ # This file defines server settings which affect which types of services # are allowed, and in what circumstances. # Each directory to which Apache has access, can be configured with respect # to which services and features are allowed and/or disabled in that # directory (and its subdirectories). # Originally by Rob McCool # This should be changed to whatever you set DocumentRoot to. ## .... # Controls who can get stuff from this server. order allow,deny allow from all Options None AllowOverride All #order deny,allow #deny from all #allow from .informatik.uni-stuttgart.de #allow from 129.69.183 #allow from 129.69.212 allow from all # ps axu | grep apach root 386 0.0 2.1 1132 648 ? S Apr 11 0:00 /usr/sbin/apache root 14488 0.0 0.0 96 8 p5 R 09:44 0:00 grep apach www-data 13359 0.0 2.3 1132 712 ? S 06:42 0:00 /usr/sbin/apache www-data 13360 0.0 2.3 1132 704 ? S 06:42 0:00 /usr/sbin/apache www-data 13361 0.0 2.3 1132 712 ? S 06:42 0:00 /usr/sbin/apache www-data 13362 0.0 2.3 1132 704 ? S 06:42 0:00 /usr/sbin/apache www-data 13363 0.0 2.3 1132 704 ? S 06:42 0:00 /usr/sbin/apache www-data 14283 0.0 2.1 1132 648 ? S 09:15 0:00 /usr/sbin/apache www-data 14285 0.0 2.1 1132 648 ? S 09:15 0:00 /usr/sbin/apache www-data 14286 0.0 2.1 1132 648 ? S 09:15 0:00 /usr/sbin/apache www-data 14287 0.0 2.1 1132 644 ? S 09:15 0:00 /usr/sbin/apache # kill -SIGHUP 386 # # cd /home/www-data/webspace/staff # more .htpasswd sommer96:z/vPpL2KH.sJc # pwd /home/www-data/webspace/staff/krause # more .htaccess AuthUserFile /home/www-data/webspace/staff/.htpasswd AuthGroupFile /dev/null AuthName ByPassword AuthType Basic require user winter96 # Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. >How-To-Repeat: try to access http://www.ra.informatik.uni-stuttgart.de/staff/staff.html and then access Klemens Krause >Fix: There is probably something wrong or missing in a configuration file. BTW: our /home/www-data/webspace is mounted from another computer >Audit-Trail: State-Changed-From-To: open-feedback State-Changed-By: pcs State-Changed-When: Wed Apr 16 07:43:07 PDT 1997 State-Changed-Why: Whenever you get an error response from the server like this, check the error_log. This should tell you exactly what is wrong. If you cannot fix it, please send the appropriate error_log lines. State-Changed-From-To: feedback-closed State-Changed-By: pcs State-Changed-When: Thu Apr 17 01:41:22 PDT 1997 State-Changed-Why: Fixed. User had removed mod_auth. >Unformatted: