htaccess weirdness

[eluser]GridWave[/eluser]
Hey All,

In the root level .htaccess (same level as system directory) there is the following (slimmed down):

Code:

RewriteEngine on
RewriteCond %{HTTP_HOST} ^domain.net
RewriteRule (.*) http://www.domain.net/$1 [R=301,L]

RewriteCond $1 !^(index\.php|404\.shtml|401\.shtml|seoTools|adminfiles|javascript|robots\.txt)
RewriteRule ^(.*)$ index.php/$1 [L]

At the same level of the system directory is where a seoTools directory is located and it is a "generic" MVC framework that I was tinkering w/ myself. There is an .htaccess file in there and everything was working fine until the .htaccess was deleted in both places (and no back up, thank you for me being a moron).

It took some tinkering to get it to work to the point where I could get to seoTools (404 errors). Now I can login in but once I do, if I click on a link to go somewhere else, I get 404 error.

Here is the .htaccess in seoTools:

Code:

AuthUserFile /path/.../.htpasswd
Options -Indexes
AuthName "Tool"
AuthType Basic
Require valid-user

I have tried adding the '?' to RewriteRule ^(.*)$ index.php/$1 [L] above to make it RewriteRule ^(.*)$ index.php?/$1 [L] but that completely craps out the ability to reach the adminfiles directory at the same level of system and seoTools.

Any ideas?

Thank you for your time and help.

[eluser]TheFuzzy0ne[/eluser]
I'm trying to find the "Daniel Moore" symbol, but I appear to have left that torch in my other pants, so the bat symbol will have to do.

[eluser]GridWave[/eluser]
I forgot to mention. If I take the "Require valid-user" out of the second .htaccess, it works fine but I need the authentication and, as I said, it worked before.

[eluser]TheFuzzy0ne[/eluser]
Are you sure the file path for the auth file is correct?

[eluser]GridWave[/eluser]
Yes it is. The way the two .htaccess entries sit right now I have to authenticate to the seoTools when I go to it, just that any link on the page that comes up leads to a 404 from there.

[eluser]GridWave[/eluser]
Outside of providing the ability to authenticate, the following .htaccess seems to have no effect:

Code:

AuthUserFile /path/.../.htpasswd
Options -Indexes
AuthName "Tool"
AuthType Basic
Require valid-user

When I remove it completely it works just as it has w/ the clicking of a link going to a 404. The secondary application I built runs similar to CI in terms of URLs - so the path to a page will be seoTool/controller/method/params...

[eluser]Daniel Moore[/eluser]
TheFuzzy0ne asked me to stop by. I'll have to make sure he has the DWM symbol so he doesn't have to use the bat symbol anymore.

Before I jump in to assist, I would like clarification.

#1, are you able to surf all your CodeIgniter paths without error?
#2, is it only when you access seoTools with the "Require valid-user" that you have the trouble?
#3, is your directory structure as follows? (If not, then please clarify.)

Code:

webroot
|-.htaccess
|-index.php
|-system
|-seoTools
  |-.htaccess

#4, have you considered using something other than Apache's authentication method? Perhaps coding your application for authentication?

Consider this from Apache's manual:

Because of the way that Basic authentication is specified, your username and password must be verified every time you request a document from the server. This is even if you're reloading the same page, and for every image on the page (if they come from a protected directory). As you can imagine, this slows things down a little. The amount that it slows things down is proportional to the size of the password file, because it has to open up that file, and go down the list of users until it gets to your name. And it has to do this every time a page is loaded.

A consequence of this is that there's a practical limit to how many users you can put in one password file. This limit will vary depending on the performance of your particular server machine, but you can expect to see slowdowns once you get above a few hundred entries, and may wish to consider a different authentication method at that time.

[eluser]GridWave[/eluser]
[quote author="Daniel Moore" date="1244847531"]
#1, are you able to surf all your CodeIgniter paths without error?
[/quote]
Yes
[quote author="Daniel Moore" date="1244847531"]
#2, is it only when you access seoTools with the "Require valid-user" that you have the trouble?
[/quote]
I only have trouble when I get to the first page after authentication and clicking on a link to do something else.
[quote author="Daniel Moore" date="1244847531"]
#3, is your directory structure as follows? (If not, then please clarify.)

Code:

webroot
|-.htaccess
|-index.php
|-system
|-seoTools
  |-.htaccess

[/quote]
That is correct and then the seoTools has a similar file structure to system (if that makes a difference).
[quote author="Daniel Moore" date="1244847531"]
#4, have you considered using something other than Apache's authentication method? Perhaps coding your application for authentication?
[/quote]
I was asked to get this done quickly and using that authentication method seemed to be a quick and dirty way to get around login/password. (Read: lazyiness)

As I mentioned before though, this was working before the htaccess file was deleted.

[eluser]Daniel Moore[/eluser]
If it was a CI portion you needed authentication for, we could all point you to a quick and dirty authentication system that would get you up and running quickly. There are a number of them found in these forums. However, for seoTools, I can't say, as I don't use it.

Since the seoTools .htaccess file is loaded after the webroot .htaccess, you are still bound by all the functionality of the webroot .htaccess. If CodeIgniter is working properly, I don't see any reason it should be a problem for seoTools.

First, try changing your .htaccess for seoTools to the following:

Code:

Options -Indexes
AuthType Basic
AuthName "Tool"
AuthUserFile /path/.../.htpasswd
Require valid-user

Just a re-arrangement of the order, just in case. We want to keep everything organized and more readable. It's best practice to always declare the type of Auth before implementing it.

You said you tried adding the '?' to the rewrite rule, but it messed things up. Have you tried adding the QSA flag to it?

Code:

RewriteRule ^(.*)$ index.php/$1 [L,QSA]

You may want to try the link in my signature to further troubleshoot your problem, if you haven't already. Try every option there for the .htaccess and see if it helps.

Consider replacing:

Code:

RewriteCond $1 !^(index\.php|404\.shtml|401\.shtml|seoTools|adminfiles|javascript|robots\.txt)

with the following:

Code:

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

You may be too restrictive on your rewrite, so try that.

If none of that works, let me know.

[eluser]GridWave[/eluser]
Still getting the following: The requested URL /seoTools/SEO/seoToolsForm was not found on this server.