Password protect /admincp directory via cPanel doesn't work

When trying to add a password protection to the /admincp folder via cPanel, I get a 'page not found' error. How to I get this to work?

I tried editing the admincp/.htaccess and adding "RewriteEngine Off"
(not sure if I should do that or not, if vbSEO needs to rewrite any admincp URLs, but I don't think it does). But that didn't help.

Hello please see here:

If you have restricted access to your admincp folder using .htaccess (Auth directives), please check
your apache configuration: having "ErrorDocument 401 401.shtml" directive in httpd.conf requires that
"401.shtml" file exists. You should create one if it doesn't to solve the problem.

Just make a blank document titled 401.shtml into your forum home directory and that should solve this.

Creating the 401.shtml in public_html/ didn't help. Now it simply seems to redirect to the newly created 401 page unless I comment out the ErrorDocument 401 directive in httpd.conf.

Here's what my httpd.conf has (I just added the comments):

Code:

#ErrorDocument 400 /400.shtml
#ErrorDocument 401 /401.shtml
#ErrorDocument 403 /403.shtml
#ErrorDocument 404 /404.shtml
#ErrorDocument 500 /500.shtml

Since I commented the directives out, the folder password protection is working fine with vBSEO, but of course I'd rather not have to comment them out.

Having or not having RewriteEngine Off in the /admincp .htaccess doesn't seem to do anything. Here's what the /admincp .htaccess contains now:

Code:

AuthName "Restricted Area"
AuthUserFile "/home/username/.htpasswds/public_html/admincp/passwd"
AuthType Basic
require valid-user

How can I get this working without commenting the ErrorDocument lines out?

Please try to create other files as well (40x.shtml).

Originally Posted by Oleg Ignatiuk

Please try to create other files as well (40x.shtml).

That is what I had already done.

400.shtml 401.shtml 403.shtml 404.shtml 500.shtml

You can also try to add "RewriteBase /" line in vBSEO .htaccess.

RewriteBase / is already there in the public_html .htaccess.

What is you complete .htaccess file contents now?

Code:

# Comment the following line (add '#' at the beginning)
# to disable mod_rewrite functions.
# Please note: you still need to disable the hack in
# the vBSEO control panel to stop url rewrites.
RewriteEngine On

# Some servers require the Rewritebase directive to be
# enabled (remove '#' at the beginning to activate)
# Please note: when enabled, you must include the path
# to your root vB folder (i.e. RewriteBase /forums/)
RewriteBase /

RewriteCond %{HTTP_HOST} !^www\.finalfantasyforums\.net
RewriteRule (.*) http://www.finalfantasyforums.net/$1 [L,R=301]

RewriteRule ^((urllist|sitemap_).*\.(xml|txt)(\.gz)?)$ vbseo_sitemap/vbseo_getsitemap.php?sitemap=$1 [L]

RewriteCond %{QUERY_STRING} !vbseourl=
RewriteCond %{REQUEST_URI} !(admincp/|modcp/|chat|cron)
RewriteRule ^(.*\.php(/.*)?)$ vbseo.php?vbseourl=$1 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !\.(jpg|gif)$
RewriteRule ^(archive/.*)$ vbseo.php?vbseourl=$1 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !^(admincp|modcp|clientscript|cpstyles|images)/
RewriteRule ^(.+)$ vbseo.php?vbseourl=$1 [L,QSA]

Does it work correctly if you comment out this line?

Code:

RewriteRule ^(.*\.php(/.*)?)$ vbseo.php?vbseourl=$1 [L,QSA]

No, even with that line commented out it does not work as long as the ErrorDocument 401 /401.shtml line is uncommented and httpd restarted. It just redirects to the 401.shtml page I made. Note that it seems the only httpd.conf line I need to comment out in order to get things to work is the 401 line.

I also have lots of vbseo custom rewrite rules, though maybe too many to post here. Though none of them involve the admincp or anything with the term 'admin'.

Can you please open a support ticket with ftp access to check that? (with errordocument enabled)

I sent the ticket, though as I mentioned in the ticket I just realized, that the problem seems to depend on whether the URL is accessed with a trailing '/' or not. If there is no trailing slash, it redirects to the 401.shtml page; if there is one, it works.