Directory Restricted Access & .htaccess file

Discussion in 'Site & Server Administration' started by S.Angeli, May 27, 2012.

0
  1. #1
    Good morning,

    I am hosted, for webhosting, by a company using the following software:

    LiteSpeed, DirectAdmin, Php, ...

    I need to password protect access to a specific directorym, for web access, and also need to be able to customize website error code output. Currently, I am unable to have both working as it seems the password protection rules and customizing 401 error codes in .htaccess don't work together.

    Rather, I was told by DirectAdmin support team that these two features are fully supported and do not see any issue implementing them.
    The problem is that I do not know how to properly customize the .htaccess rules.

    Can someone please help me with this? Perhaps if I can have an example and also a reference to some documents I can read this will help.

    Thank you,
    Spiro
     
    S.Angeli, May 27, 2012 IP
  2. zacharooni

    zacharooni Well-Known Member

    Messages:
    346
    Likes Received:
    20
    Best Answers:
    4
    Trophy Points:
    120
    #2
    zacharooni, May 28, 2012 IP
  3. S.Angeli

    S.Angeli Guest

    Messages:
    2
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #3
    Hi zacharooni,

    thank you for your link.

    I did some testings and was able to get it to work.
    I noticed that whenever I use http://www.... it automatically redirects to a URL e does not allow the error to manifest.
    So, if I would type
    ErrorDocument 401 http://www.google.it
    Code (markup):
    when trying to access this website with restricted access, rather than popping up the validation Username and Password it goes automatically to the link.
    The info in the docs you provided me with instead states that I can use something like in their example (ErrorDocument 500 http://foo.example.com/cgi-bin/tester) but why such behavior rather than prompting me for user credentials?

    Those ErrorDocumnt statements should be all the way at the top of the file .htaccess or can they be     anywhere?

    Also, do you know if .htaccess is a file that robots, spiders,     web crawlers can read or access? This question is for security purpose.

    One last question: Is there a way to limit the amount of times a use can re-try to input Username and Password (when the credentials is wrong) beofre the system does not allow it again and if it insists it will block it for a while?

    Thank you,
    Spiro
     
    S.Angeli, May 28, 2012 IP