I am trying to password protect my admin directory. When I protect the directory (using cpanel) instead of prompting me for a username/password, it just gives a 404.
I have tried using cpanel to protect a directory on a different account (but on the same server) and it works as expected.
If I remove the main .htaccess file within the root of the CMSMS installation, the password protection works properly.
So it looks like the main .htaccess within the root of CMSMS is overriding the .htaccess which cpanel creates within the protected directory and this messes up the password protection.
So, I would like to try and change the main CMSMS .htaccess so that all works properly, but I'm not much of a .htaccess kind of person.
Does anyone know what changes I could make to this .htaccess to solve this problem?
Any help is much appreciated.
My .htaccess is here:
Code: Select all
# Attempt to override some php settings, these settings may be helpful on some hosts if your
# default configuration does not meet CMS's minimum requirements, and your host
# has given your account appropriate permissions
#php_value upload_max_filesize "10M"
#php_value session_save_path "tmp/cache"
#php_flag magic_quotes_gpc Off
#php_flag register_globals Off
#php_flag session.use_trans_sid Off
# This is important, so uncomment if your host permit
Options -Indexes
ServerSignature Off
#php_value session.cookie_httponly true
#Options +FollowSymLinks
# To prevent E_STRICT problems with PHP 5.3+ you can uncomment the following lines
# Note: These settings should only be enabled for production sites!
#php_flag display_startup_errors 0
#php_flag display_errors 0
#php_flag html_errors 0
#php_value docref_root 0
#php_value docref_ext 0
<IfModule mod_rewrite.c>
RewriteEngine on
#
#Sub-dir e.g: /cmsms
RewriteBase /
# 301 Redirect all requests that don't contain a dot or trailing slash to
# include a trailing slash
# but ignore POST requests.
#RewriteCond %{REQUEST_URI} !/$
#RewriteCond %{REQUEST_URI} !\.
#RewriteCond %{REQUEST_METHOD} !POST$
#RewriteRule ^(.*) %{REQUEST_URI}/ [R=301,L]
# Rewrites urls in the form of /parent/child/
# but only rewrites if the requested URL is not a file or directory
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+)$ index.php?page=$1 [QSA]
</IfModule>
<IfModule mod_headers.c>
# Disable ETags
Header unset ETag
FileEtag None
# For Security
Header set X-Frame-Options "SAMEORIGIN"
</IfModule>
<IfModule mod_deflate.c>
# Compress css, plaintext, xml, gif, and images in transport.
AddOutputFilterByType DEFLATE text/css text/plain text/xml image/gif image/jpeg image/png
</IfModule>
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 1 month"
# Set expires tags on various file types... so that the browser wont attempt to reload them.
ExpiresByType image/jpg "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/ico "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType video/x-flv "access plus 1 year"
ExpiresByType application/pdf "access plus 1 year"
ExpiresByType application/x-shockwave-flash "access plus 1 year"
ExpiresByType application/javascript "access plus 1 month"
ExpiresByType text/javascript "access plus 1 month"
ExpiresByType text/css "access plug 1 month"
<IfModule mod_headers.c>
# Setting cache control to public allows proxy servers to cache the items too.
Header set Cache-Control "public"
</IfModule>
</IfModule>
