[ale] apache2 .htaccess?
Robert L. Harris
Robert.L.Harris at rdlg.net
Thu Jun 12 21:11:02 EDT 2003
I just installed a new apache2 server and need to lock down a
directory with a .htaccess file before it goes live. Everything looks
right but I'm missing something...
my apache2.conf has all of this:
AccessFileName .htaccess
<Directory /cgi-bin/duck/admin>
AllowOverride All
Order deny,allow
Deny from all
</Directory>
the file /var/www/cgi-bin/duck/admin/.htaccess has this:
-rwxr-xr-x 1 www-data www-data 174 Apr 15 10:40 /var/www/cgi-bin/duck/admin/.htaccess
{0}:/>cat /var/www/cgi-bin/duck/admin/.htaccess
AuthType Basic
AuthName "Password Required"
AuthUserFile /var/www/passwords/password.file.duckadmin
#AuthGroupFile /var/www/passwords/group.file
Require user nomad mamma
the password file looks like this:
-rw-r----- 1 www-data www-data 40 Jun 12 20:51 /var/www/passwords/password.file.duckadmin
{0}:/etc/apache2>cat /var/www/passwords/password.file.duckadmin
mamma:BoAvyKzxzvqOo
nomad:F38BfSBwqSulo
If I hit site:/cgi-bin/duck/admin/index.html it loads up just fine
without a prompt for any passwords.
Any one able to point me to what's horked up in this Apache2 config?
Robert
:wq!
---------------------------------------------------------------------------
Robert L. Harris | GPG Key ID: E344DA3B
@ x-hkp://pgp.mit.edu
DISCLAIMER:
These are MY OPINIONS ALONE. I speak for no-one else.
Diagnosis: witzelsucht
IPv6 = robert at ipv6.rdlg.net http://ipv6.rdlg.net
IPv4 = robert at mail.rdlg.net http://www.rdlg.net
PGP signature
More information about the Ale
mailing list