Trying to get htaccess to work...or...man, what am I doing wrong!
George Toft
plug-discuss@lists.plug.phoenix.az.us
Tue, 01 Oct 2002 18:27:13 -0400
If ~user has 700 permissions, this won't work. (Assuming httpd is NOT
running as root. If you are running it as root, you have other things
to worry about . . .)
I, on the other hand, don't like having a daemon that can be compromised
(ie, httpd or Apache) having access to my files. Web content is another
story.
George
Patrick Fleming EA wrote:
>
> On Tue, 1 Oct 2002, George Toft wrote:
>
> > You need a .htpasswd file in that directory also. You are using the
> > htpasswd command, so where is your .htpasswd file? Find it, and move it
> > to /var/www/html/test
> >
> > George
>
> I partly agree...
> AuthUserFile ~user/.htpasswd
>
> I don't like this file in a potentially web accessible location.
> I ended up setting:
> AllowOverride AuthConfig
> *and*
> <Directory />
> AllowOverride AuthConfig
> </Directory>
>
> to get this to work after upgrading apache(to 2.0.36) recently. I don't
> remember which one caused the problem.
>
> >
> >
> >
> > Anthony Hologounis wrote:
> > >
> > > I have a RH7.2 box with apache 1.3.22.
> > >
> > > /var/www/html is where the html docs live
> > >
> > > /var/www/html/test is the directory I want to protect
> > >
> > > I created a user file in my home directory ~/user
> > >
> > > I use htpasswd -c ~user someone to populate the access file
> > >
> > > There is an .htaccess file in /var/www/html/test
> > >
> > > it looks like this
> > >
> > > AuthName "restricted stuff"
> > > AuthType Basic
> > > AuthUserFile ~/user
> > >
> > > require valid-user
> > >
> > > It quite simply does not work.
> > >
> > > I read the docs here http://www.apacheweek.com/features/userauth and
> > > here http://www.redhat.com/support/resources/faqs/RH-apache-FAQ/c135.html
> > >
> > > I have tried this in the httpd.conf file
> > >
> > > # This controls which options the .htaccess files in directories can
> > > # override. Can also be "All", or any combination of "Options", "FileInfo",
> > > # "AuthConfig", and "Limit"
> > >
> > > ###AllowOverride None this didn't work
> > > ###AllowOverride AuthConfig this didn't work either
> > >
> > > and yes, I removed the hashes when I tested it.
> > >
> > > I didn't think it would be this much of a pain.....aarrgh
> > >
> > > Anthony
> > >
> > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> > > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> > > To subscribe, unsubscribe, or to change you mail settings:
> > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> > To subscribe, unsubscribe, or to change you mail settings:
> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >
>
> --
> Patrick Fleming, EA
> http://myhdvest.com/patrickfleming
> Licensed to represent taxpayers
> before Exam, Appeals, and Conference
> divisions of the IRS
>
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss