Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We're retiring the forums!

The SilverStripe forums have passed their heyday. They'll stick around, but will be read only. We'd encourage you to get involved in the community via the following channels instead:

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

BasicAuth::protect_entire_site() not working

Go to End

7 Posts   2806 Views


Community Member, 8 Posts

9 July 2010 at 10:17am


I am setting up a staging site on a Dreamhost account, using the _ss_environment.php environment management setup described here. More specifically, in my _config.php I include the following line:

if(Director::isTest()) BasicAuth::protect_entire_site();

So I uploaded the site, setup the db + user accounts, etc. But then when I set it to "test," I get the login dialogue when visiting the site but none of the logins work. So essentially it is protecting the entire site, but none of the logins work! Any ideas?



Forum Moderator, 5523 Posts

9 July 2010 at 12:15pm

Do the logins work normally? (in the cms).

Try set a user for it using Security::setDefaultAdmin('user', 'pass'); and logging in with those details.


Community Member, 8 Posts

10 July 2010 at 12:25am

I have DefaultAdmin set in the _ss_environment.php file, and CMS logins are working fine. I tried defining DefaultAdmin in the _config.php file instead, still didn't work. Hmmm...


Community Member, 8 Posts

1 April 2011 at 10:43am

Argh, I gave up last time and ran into the same issue again, was hoping there might be a fix out there by now. All I found was my own forum post with no new answers. :/


Community Member, 1 Post

23 May 2011 at 11:43am

hi there!!

I had the same problem as you described! When I had:

Director::isDev()) BasicAuth::protect_entire_site();

In windows it worked fine, but when i uploaded the code to a linux server...i couldn't pass the i searched a couple of things....and i found a solution for my problem.


in .htacess, inside <IfModule mod_rewrite.c>

i added this: RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]

after i done a incursion inside the core (i didn't like that but for a major reason...), file: BasiAuth,php

and in the function

static function requireLogin($realm, $permissionCode = null, $tryUsingSessionLogin = true) {

and after
if(!Security::database_is_ready() || (Director::is_cli() && !$isRunningTests)) return true;
i added:

list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':' , base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));

And...this done the trick!

Hope this help you and other people with the same problem!



Community Member, 323 Posts

14 October 2011 at 3:43am

Edited: 14/10/2011 3:44am

Thank you!

I had the same problem and your post resolved it. Did you submitted this issue as a bug? I’m not an expert, but I think this could be considered as such.

Best regards,


Community Member, 49 Posts

19 September 2014 at 12:11pm

Thanks pepe I also just came across this issue and your solution worked :)