I have a .htaccess that uses basic authentication. It seems the path to the .htpasswd file isn't relative to the htaccess file, but instead to the server config.
So even though I have the .htaccess and .htpasswd files in the same directory, this doesn't work:
AuthType Basic
AuthName "Private Login"
AuthUserFile .htpasswd
Require valid-user
However, it does work if I change the AuthUserFile to use the absolute path:
AuthType Basic
AuthName "Private Login"
AuthUserFile "/home/user/public_html/mydir/.htpasswd"
Require valid-user
But I would prefer something more mobile as I use this on multiple sites in different areas. I've searched the web but haven't had any resolution. Is it possible to use relative path or variables like %{DOCUMENT_ROOT}
?
It is not possible to use relative paths for AuthUserFile:
File-path is the path to the user file. If it is not absolute (i.e., if it doesn't begin with a slash), it is treated as relative to the
ServerRoot
.
You have to accept and work around that limitation.
We're using IfDefine
together with an apache2 command line parameter:
.htaccess
(suitable for both development and live systems):<IfDefine !development>
AuthType Basic
AuthName "Say the secret word"
AuthUserFile /var/www/hostname/.htpasswd
Require valid-user
</IfDefine>
Append the following to /etc/apache2/envvars
:
export APACHE_ARGUMENTS=-Ddevelopment
Restart your apache afterwards and you'll get a password prompt only when you're not on the development server.
You can of course add another IfDefine for the development server, just copy the block and remove the !
.