【发布时间】:2023-04-02 11:05:01
【问题描述】:
我厌倦了为我的 WordPress 网站实施 htaccess 密码保护,用户需要在输入 htaccess 用户名和密码后才能看到我的网站,我使用了下面的代码,它显示了密码输入框,
我的 htaccess 文件
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
AuthName "Restricted Area"
AuthType Basic
AuthUserFile .htpasswd
AuthGroupFile /dev/null
require valid-user
<Files 403.shtml>
order allow,deny
allow from all
</Files>
deny from 141.101.99.132
deny from 173.245.53.65
deny from 173.245.53.74
但输入密码后显示服务器错误信息
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, webmaster@daqta.lixdea.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.
我的网站是http://www.daqta.com/ username-test, password-test
【问题讨论】:
-
你能在没有 htaccess 的情况下访问该站点吗?就像站点在端口 80 上运行一样,您可以删除密码提示并能够访问它吗?您将能够追踪到 apache 配置错误或 htaccess 错误。看起来 apache 正在尝试写入错误日志但不能
-
是的,当我从 htaccess 站点中删除密码代码时,正常运行“AuthName”受限区域“AuthType Basic AuthUserFile .htpasswd AuthGroupFile /dev/null 需要有效用户”
-
您是否在 /var/log/httpd/ 日志中收到任何错误消息?我会查看 access_log 以确保您看到访问请求,然后查看 error_log 以查看任何其他详细信息
-
我看不到那种文件夹
标签: wordpress apache .htaccess security