Hallo!
Ich probiere seit längerem meinen Shop nur per Passwort zugägnlich zu machen. Leider wird meine htaccess inklusive htpasswd nicht akzeptiert. So sieht meine htaccess aus:
RewriteEngine on
AuthType Basic
AuthName "My Protected Area"
AuthUserFile /var/www/xy/xy/www/.htpasswd
Require valid-user
#RewriteBase /shopware/
# Https config for the backend
#RewriteCond %{HTTPS} !=on
#RewriteRule backend/(.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteRule shopware.dll shopware.php
RewriteRule files/documents/.* engine [NC,L]
RewriteRule backend/media/(.*) media/$1 [NC,L]
RewriteCond %{REQUEST_URI} !(\/(engine|files|templates|themes|web)\/)
RewriteCond %{REQUEST_URI} !(\/media\/(archive|banner|image|music|pdf|unknown|video)\/)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ shopware.php [PT,L,QSA]
# Fix missing authorization-header on fast_cgi installations
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
# Restrict access to VCS directories
RedirectMatch 404 /\\.(svn|git|hg|bzr|cvs)(/|$)
# Restrict access to root folder files
RedirectMatch 404 /(autoload\.php|composer\.(json|lock|phar)|README\.md|UPGRADE-(.*)\.md|CONTRIBUTING\.md|eula.*\.txt|\.gitignore|.*\.dist|\.env.*)$
# Restrict access to shop configs files
RedirectMatch 404 /(web\/cache\/(config_\d+\.json|all.less))$
# Restrict access to theme configurations
RedirectMatch 404 /themes/(.*)(.*\.lock|package\.json|\.gitignore|Gruntfile\.js|all\.less|node_modules\/.*)$
# Staging environment
#SetEnvIf Host "staging.test.shopware.in" SHOPWARE_ENV=staging
# Development environment
#SetEnvIf Host "dev.shopware.in" SHOPWARE_ENV=dev
#SetEnv SHOPWARE_ENV dev
DirectoryIndex index.html
DirectoryIndex index.php
DirectoryIndex shopware.php
# Disables download of configuration
# Deny all requests from Apache 2.4+.
Require all denied
# Deny all requests from Apache 2.0-2.2.
Deny from all
# Enable gzip compression
AddOutputFilterByType DEFLATE text/html text/xml text/plain text/css text/javascript application/javascript application/json application/font-woff application/font-woff2 image/svg+xml
ExpiresActive on
ExpiresDefault "access plus 1 month"
Header append Cache-Control "public"
Header unset ETag
FileETag None
# Match generated files like:
# 1429684458_t22_s1.css
# 1429684458_t22_s1.js
Header set Cache-Control "max-age=31536000, public"
ExpiresActive on
ExpiresDefault "access plus 1 year"
# Disables auto directory index
Options -Indexes
Options -MultiViews
# php_value memory_limit 256M
# php_value max_execution_time 120
# php_value upload_max_filesize 20M
php_flag phar.readonly off
php_flag magic_quotes_gpc off
php_flag session.auto_start off
php_flag suhosin.session.cryptua off
php_flag zend.ze1_compatibility_mode off
php_value always_populate_raw_post_data -1
# AddType x-mapp-php5 .php
# AddHandler x-mapp-php5 .php
Header append X-Frame-Options SAMEORIGIN
Die htpasswd liegt somit genau neben der htaccess. Mache ich irgendeinen Fehler?