On 4/19/07, Ben Roberts <list-support@xxxxxxxxxxxx> wrote:
Hello there,
I need to setup htpasswd protection on a web directory served by Apache.
I also need to permit access to the index file in the specified
directory, but block access to any other files or subdirectories.
So I'm using a configuration like this:
<Files index.php>
Order deny,allow
Allow from all
</Files>
<Directory "/home/username/www">
AuthType Basic
AuthName "Private Area"
AuthUserFile /home/username/.htpasswds
require user bill ben
</Directory>
Can anybody tell me why my override of the password protection for
index.php files is being ignored?
Because host-based (Allow) and password-based (Require) access control are orthogonal. You can fix your problem by adding "Satisfy Any" to the <Files> block. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|