ashesnglass Posted March 31, 2004 Posted March 31, 2004 Hi, I'm having a problem with one of my accounts where users are sometimes forced to type in the login and password twice in order to access protected directories. Other times, it works correctly (forcing them to do it only once). Just to troubleshoot, I tried unprotecting the directories and deleting the user/pass and then redid it, but I'm still having the same problem. Has anybody else experienced this? Thanks!! Dave Quote
kaseytraeger Posted March 31, 2004 Posted March 31, 2004 I've not experienced this scenario, but I do know that cPanel asks me more than once for my username and password. It asks me the first time when I log on, and then again either when I try to enter the file manager or when I try to edit a file. I don't know if that's a glitch or what. I know this email didn't help, but at least there's another app where it's happening too. So you can take some comfort and solace in that. (Unless, or course, the extra log-ins by cPanel are being implemented as a security issue. However, once you log in once and set a session, that session should be good throughout your time on the web site. So I don't understand why they would want a second login.) Sorry I couldn't help! Maybe someone else will have better ideas. Quote
TCH-Andy Posted April 1, 2004 Posted April 1, 2004 Hi, I have seen this where the difference is if a user goes to domain.com/protected or www.domain.com/protected. This was due to incorrect commands in the .htaccess file - I would have a look at what they actually are (rather than just doing it from cpanel). Quote
ashesnglass Posted April 1, 2004 Author Posted April 1, 2004 Thanks. I checked.... Inside that protected directory, I found that the main PHP file had a reference to a "www.domain" address that I thought could be causing the problem (as it was, like you said, the fact that it was trying to authenticate both "www.domain" and "domain") and removed it, but it's still happening. I'll just try my best to get folks to use "www.domain" for the protected area until I can figure something else. Quote
ashesnglass Posted April 1, 2004 Author Posted April 1, 2004 Hmmmmm... I kept looking for references to "www." that shouldn't be there and at the .htaccess files, but no luck. This is what the .htacccess file has: AuthType BasicAuthName "members" AuthUserFile "/home/gccmaco/.htpasswds/transition/passwd" require valid-user And the passwd file has nothing but the user and encrypted password. Does that mean it has to be something on the back end? Thanx Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.