I've been looking for a htaccess hack that prompts a user to enter there user and pass from the board prior to logging in the main board. I know there is one somewhere I just couldnt find it. I did find this one but it appears to be dead and it was a post that someone who had tried to take credit for something that wasnt his. So if some could point me in the right direction thanks. I'm still sort of a newbie so bare with me.

Click me to see the only think I could find here!!! (https://vborg.vbsupport.ru/showthread.php?s=&threadid=38967)

Sorry mods, I found serveral things on the board that i didnt see eariler. No sure which one will work for me, but ill keep looking.

Here is the basic contents that are needed. Apache needs to be compiled with mod_mysql_auth if I remember correctly:

AuthType Basic
AuthName "*My Forums*"

Auth_MYSQLhost *myhost.com*
Auth_MYSQLusername *username*
Auth_MYSQLpassword *password*
Auth_MYSQLdatabase *dbname*
Auth_MYSQLpwd_table user
Auth_MYSQLuid_field username
Auth_MYSQLpwd_field password
Auth_MYSQL_EncryptedPasswords off

<LIMIT GET POST>
require valid-user
</LIMIT>

Remember to change the items bettween the * * to your values.

Hope this helps.

not all hosts support that mod, unfortunatelly. mines doesnt...

I'm so new to this that I dont really understand what that is.

Any way you can explain it to a child. sorry

is there somthing you can add so you can only allow certian usergroups?

like add somthing... where usergroupid = 1 or any number(s) you wish.

oke but what to do if the passes are encrypted ??

just

AuthType Basic
AuthName "*My Forums*"

Auth_MYSQLhost *myhost.com*
Auth_MYSQLusername *username*
Auth_MYSQLpassword *password*
Auth_MYSQLdatabase *dbname*
Auth_MYSQLpwd_table user
Auth_MYSQLuid_field username
Auth_MYSQLpwd_field password
Auth_MYSQL_EncryptedPasswords on

<LIMIT GET POST>
require valid-user
</LIMIT>

This line:

Auth_MYSQL_EncryptedPasswords on

Suggests to me that it will convert the password to the MD5 hash before checking with the DB.

Ok i have a question also about this, we have added this module mod_mysql_auth to our apache machine but when we create the .htaccess file with the code above it sends the 500 error page.

There were some addtional code lines that we had to add that we missed but its still doing the same thing...Is there any other addtional lines that we need to add to make this work ?

Ok, let me get this straight. I first have to check with my host and make sure they support the mod_mysql_auth and then create a file named .htaccess with the above info and placed where on my server? Root web directory?

Mark

Place the file within the directory you want protected, most likly your Admin directory.

But if I wanted to password protect the entire board and allow the users on my board to use there user/pass to get in then I would place it in the main board directory?

place it in the forum directory....

Originally posted by refertech
But if I wanted to password protect the entire board and allow the users on my board to use there user/pass to get in then I would place it in the main board directory?

This is pretty pointless and users will have to login twice with the same password. Also starting a new browser session will mean they have to login again for no reason.

I agree with NTLDR. It only makes sense if it's a separate password.

So there is not added protect using the htaccess over the normal board login?

Mark

???

You add a SECOND username and password, not the same one. Otherwise, it's a redundant extra step.

Erwin and NTLDR are right that it is senceless that you have your members login twice, but I was primarly looking for something like this for my download section.. not the entire board.

If anyone can help me with that part would be great, I know that there is a beta pafiledb hack being worked on but its not exactly what I was looking for even though pafiledb is what I am using.

Okay, getting back to this nasty 500 error. mod_auth_mysql IS compiled into apache and loaded (at least phpinfo said so).

I don't really understand why i get a 500, everything seems correct, mysqlserver, database, dbusername, dbpassword. Any tips? I've also tried several htaccess-Setup-Tips, ie from the programmers page. After setting "AuthSQLAuthoritative On", I get the 500 again.

I should say that the server is using Apache 1.3.26 with php 4.1.0, using on a plesk system on Linux 2.4.2-2. So I am not really sure which mod_auth_mysql is excactly being used. I noticed some mod_mysql_auth modules and also a patched version. As I don't suppose to find out (as a normal user) which version is currently compiled into Apache, I'm out of ideas. (And: yes I am aware of the different ways how to handle mod_auth_mysql w. patch, mod_auth_mysql wo. patch, mod_mysql_auth - didn't change)

Flashfunk

// edit: Sorry for pushing such an antique thread.

You can use my .htaccess generator at http://www.webdesignforums.net/?styleid=3 (click "hide/show" for Web Design Tools). It just constructs the .htaccess and .htpasswd files for you, although it doesn't integrate with vB's db or any other db.

I also wrote this .htaccess file and I also get
a 500 error. page.

weird