Re: How to protect awstats page

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


On Apr 9, 2007, at 4:38 AM, Mário Gamito wrote:


awstats.pl is located outside Apache's DocumentRoot in
/usr/local/awstats/wwwroot/cgi-bin

I put there a .htaccess file with the following contents:
"AuthUserFile /usr/local/awstats/wwwroot/cgi-bin/.htpasswd
AuthName "stats"
AuthType Basic
require valid-user"

but it doesn't work, the page is unprotected.
You'll need to have AllowOverride set to (at least) AuthConfig for the directory. For instance, the default configuration file has a 

<Directory />
  Options FollowSymLinks
  AllowOverride None
</Directory>
Change that AllowOverride None to AllowOverride AuthConfig, and you're good. Alternatively, you can put the configuration language in a <Directory> block in your httpd.conf, which takes away the need for .htaccess altogether. 

S.

--
sctemme@xxxxxxxxxx            http://www.temme.net/sander/
Open Source Software Consultant
PGP FP: 51B4 8727 466A 0BC3 69F4  B7B8 B2BE BC40 1529 24AF

ApacheCon 2007 Europe, May 1-4 in Amsterdam
http://www.eu.apachecon.com/

Attachment: smime.p7s
Description: S/MIME cryptographic signature

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux