CMS Made Simple Forums

Hi everyone,

I have been using CMSMS in an htaccess protected directory for a few years now without incident. However, since a few months ago, the dialogue box asking for the username and password will continuously pop up, even after entering the correct log-in info. The site is hosted by BlueHost, and I set up the directory protection via cPanel. They said that no upgrades had been done in that area, and I know I hadn't changed the CMS site before experiencing problems. I have been told by techs that some dynamic php pages can cause problems with htaccess protected directories.

The client wants a private, protected area and is now comfortable with using the htaccess and CMSMS. They don't have the need for FrontEndUser login and I'd rather not add to their complexity, so I'd like to keep the htaccess protection. I have found that if I point my browser to a static html page within the protected directory, the dialogue box pops up only once to ask for the login info. Also, if I shut the CMSMS down for maintenance, then the dialogue box pops up only once and then displays that maintenance status page.

I've deleted the htaccess files and started fresh, even experimenting with manual Digest settings. One other symptom confusing me is the fact that after entering the username and password correctly, I can hit cancel 6-7 times to then get past them and to a stripped-down CMS home page; I can then click on any link within my CMS and view that page normally, with full formatting. I can browse around where ever within the site, and the dialogue doesn't pop up again asking for the username and password. I upgraded to 1.6.6, but found no relief.

Any ideas would be greatly appreciated.

Jay

Hi JayP

Is it possible that the serverpath to the .htpasswd file has changed bij the host?
Seen it before on regular sites...

Regards, Rolf

Thanks for the reply. I did consider the server path being an issue, but it seems to check out fine. I've erased the htaccess file and started from scratch many times. The static pages are fine, but the dynamic ones (CMSMS) are not.

JayP,

Do you use mod_rewrite?
Tried setting it off and see what happens?

Please put the text of the .htaccess file here.
You can xxxxx out paths etc. 

Rolf

Rolf, I had not used the mod_rewrite, though I did try it yesterday to see turning it on would have any affect. It didn't, but I think the problem is solved.

A BlueHost tech noticed that the "$config['root_url']" line in the config.php had an IP address followed by the account name and then the subfolders; he recommended that I remove the IP and account name and put in the domain. This ended up solving the problem, so I just get the dialogue box popping up once, and then after entering in the username and password, I'm into the CMS site. I usually put the domain name etc, but I recall that I used the IP address for this installation when I was changing servers and wanted to get the site running before the nameservers caught up. It had been that way for over a year without problems; I'm not sure why the issue now.

So as far as I can figure, the htaccess file was asking for credentials for the domain name and then when it got to the CMSMS site, it continually asked for them, as the URL had changed to the IP address.

Thanks for your input, Rolf.