I'd really appreciate some help with this please. I've looked at all the previous threads that deal with this topic and none have been able to help me.

As far as I can tell, I've set everything up correctly but obviously I'm doing something wrong.

My .htaccess file is as follows:

AuthUserFile /home/www/yorkhire/vids/.htpasswd
AuthGroupFile /dev/null
AuthName "Private Area"
AuthType Basic
<Limit GET POST>
require trueblue
</Limit>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yorkshirewench.co.uk/.*$ [NC]
RewriteRule \.(gif|jpg|zip)$ - [F]

And my .htpasswd file is:

trueblue:LGQ7QICUSGy8o

The folder I would like protecting is www.yorkshirewench.co.uk/vids (http://www.yorkshirewench.co.uk/vids)

I was told by my hosts to set the permission for these files to 644 but as far as I can work out, using CuteFTP, I can only set the whole folder to that number. When I do so and then go to the above URL, all I get is: FORBIDDEN You don't have permission to access /vids on this server. Apache/1.3.27 Server at www.yorkshirewench.co.uk Port 80

However, when I set the folder permission to 755, the login box pops up but my password doesn't work. I can enter it three times and then I get the following: AUTHORIZATION REQUIRED This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required. Apache/1.3.27 Server at www.yorkshirewench.co.uk Port 80

So what am I doing wrong? Help? Please?

What did you use to create the encrypted pass?

What did you use to create the encrypted pass?

I'm sorry, I can't remember now. I know it was a password generator suggested on another thread.

I've tried different ones, like this one...

http://www.clockwatchers.com/htaccess_tool.html

...but it doesn't make a difference.

<Limit GET POST>
require trueblue
</Limit>

This is slightly wrong

use


require user trueblue


or


require valid-user

Thank you! That's it! I did try "require valid-user" at first but as it didn't work I thought I'd change it - obviously missing something vital out. Changing it to add "user" worked a treat. Many thanks!

Could you tell me please if it's essential that my vids folder has the permission set to 644? When I change it to that and try to access the page I get: You don't have permission to access /vids/ on this server. But when I leave it at 755 eveything is now working fine. As I said in my original post, I was told by my hosts to set the permission to 644.

Could you tell me please if it's essential that my vids folder has the permission set to 644? When I change it to that and try to access the page I get: You don't have permission to access /vids/ on this server. But when I leave it at 755 eveything is now working fine. As I said in my original post, I was told by my hosts to set the permission to 644.

Don't worry about the permission thing. I've just figured it out. Thanks anyway - and for all your help with the htaccess file. :happy:

try



AuthUserFile /.htpasswd
AuthGroupFile /dev/null
AuthName "Private Area"
AuthType Basic
<Limit GET POST>
require trueblue
</Limit>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yorkshirewench.co.uk/.*$ [NC]
RewriteRule \.(gif|jpg|zip)$ - [F]

The problem was sorted in post #4 (http://www.cybertechhelp.com/forums/showpost.php?p=679701&postcount=4)