Hi, Great ! It works ! I didn't hope a so fast answer ! Thanks a lot !----- Original Message ----- From: "Joshua Slive" <joshua@xxxxxxxx>
To: <users@xxxxxxxxxxxxxxxx> Sent: Monday, August 07, 2006 5:42 PM Subject: Re: [users@httpd] Several .htaccess
On 8/7/06, Marc MENDEZ <cnmm600@xxxxxxxx> wrote:Hi,The root of our extranet site is protected by a .htaccess file. If the useris inside our network, no identification is required. Otherwise, he must identified. Here is the file : AuthUserFile path_to_password_file AuthGroupFile /dev/null AuthName ":: INFORMATIONS CONFIDENTIELLES ::" AuthType Basic <limit GET POST> order deny,allow deny from all allow from our_network require valid-user satisfy any </Limit> It works However, a subdirectory must be restricted differently : if the user is outside our network, no access ! Here is the second .htaccess Allow from our_network Deny from allThis second .htaccess worked 'till I modify the first one to prevent usersfrom identifying if they are in our network. I suppose that as the first .htaccess grants access to the whole website, the second one is not used..... How can I urge Apache to use the second one ?1. Remove the lines <Limit GET POST> and </Limit> which are not needed and are a possible security risk. (Read the docs on <Limit> for more info.) 2. Put "Satisfy all" in the .htaccess in the subdirectory. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
___________________________________________________________________________ Découvrez un nouveau moyen de poser toutes vos questions quelque soit le sujet ! Yahoo! Questions/Réponses pour partager vos connaissances, vos opinions et vos expériences. http://fr.answers.yahoo.com
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx