[ale] apache2 .htaccess?

Robert L. Harris Robert.L.Harris at rdlg.net
Thu Jun 12 21:11:02 EDT 2003



  I just installed a new apache2 server and need to lock down a
directory with a .htaccess file before it goes live.  Everything looks
right but I'm missing something...

my apache2.conf has all of this:

AccessFileName .htaccess
<Directory /cgi-bin/duck/admin>
   AllowOverride All
   Order deny,allow
   Deny from all
</Directory>


the file /var/www/cgi-bin/duck/admin/.htaccess has this:

-rwxr-xr-x    1 www-data www-data      174 Apr 15 10:40 /var/www/cgi-bin/duck/admin/.htaccess

{0}:/>cat /var/www/cgi-bin/duck/admin/.htaccess
AuthType Basic
AuthName "Password Required"
AuthUserFile /var/www/passwords/password.file.duckadmin
#AuthGroupFile /var/www/passwords/group.file
Require user nomad mamma

the password file looks like this:

-rw-r-----    1 www-data www-data       40 Jun 12 20:51 /var/www/passwords/password.file.duckadmin

{0}:/etc/apache2>cat /var/www/passwords/password.file.duckadmin
mamma:BoAvyKzxzvqOo
nomad:F38BfSBwqSulo



If I hit site:/cgi-bin/duck/admin/index.html it loads up just fine
without a prompt for any passwords.

Any one able to point me to what's horked up in this Apache2 config?

Robert

:wq!
---------------------------------------------------------------------------
Robert L. Harris                     | GPG Key ID: E344DA3B
                                         @ x-hkp://pgp.mit.edu
DISCLAIMER:
      These are MY OPINIONS ALONE.  I speak for no-one else.

Diagnosis: witzelsucht

IPv6 = robert at ipv6.rdlg.net	http://ipv6.rdlg.net
IPv4 = robert at mail.rdlg.net	http://www.rdlg.net

 PGP signature




More information about the Ale mailing list