Support

Admin Tools

#28458 Frontend htpasswd protection not working

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by marktaylor46 on Tuesday, 19 September 2017 04:57 CDT

Monday, 18 September 2017 05:28 CDT

marktaylor46
I added rules in .htaccess maker to give me frontend .htpasswd protection whilst I am in the process of developing a website (want to keep everyone out). Whilst my backend protection to administrator works fine I found that frontend protection would just not work. So, I started checking through the .htaccess file that Admin tools had generated and I eventually tracked it down to this one line:

require all granted

Once I remove that line my frontend password protection works fine.

Can you tell me if I have I have not set-up htaccess maker correctly to permit me to use frontend password protection? Is there something I should have set to stop this line being added in .htaccess?

btw these are the rules I added to "TOP" in htaccess maker...

AuthUserFile "/xxxx/xxxx/xxxx/xxx/httpdocs/.htpasswd"
AuthName "Secure Login"
AuthType Basic
require valid-user

Monday, 18 September 2017 07:24 CDT

tampe125
Hello,

that line is required if you use the feature to ban users using a specific User-Agent.
The fastest solution is to set the option Block access from specific user agents to No and regenerate your .htaccess file.
That should do the trick.

Davide Tampellini

Developer and Support Staff

🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 19 September 2017 04:06 CDT

marktaylor46
Ok that does get around the issue. But what about if I want both?

Regards, Mark.

Tuesday, 19 September 2017 04:38 CDT

tampe125
You can't and it's useless: if you are blocking everyone that doesn't know the password there's no need to block users on their User-Agent.
When your site will be online, you'll remove the password protection and you can enable the check on the User-Agent.

Davide Tampellini

Developer and Support Staff

🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 19 September 2017 04:57 CDT

marktaylor46
Ok thanks. I guess I will just have to remember to turn that back on again when I finish my development then.

Cheers,

Mark.

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!