On Wed, Mar 19, 2008 at 6:32 PM, Marc Fromm <Marc.Fromm@xxxxxxx> wrote: > 1.) I created an .htpasswd file with a user using the command > htpasswd -mbc /etc/.htpasswd username password > group and other have read permissions > > 2.) I created an .htaccess file in a web directory with the following > AuthType Basic > AuthName "Outside Access" > AuthUserfile /etc/.htpasswd > require user username > Satisfy All > <Limit GET POST> > require valid-user > </Limit> > > Group and other have read and execute permissions > I restarted httpd > > 3.) httpd.conf is set to recognize .htaccess file names. > > When I browse to the site I am not prompted for the password. > Is there another setting someplace to enable the use of the .htaccess > file? 1. Throw out whatever tutorial you used to construct that .htaccess file. It is giving you bad (and dangerous) advice. In particular, the <Limit GET POST> and </Limit> lines should be removed. 2. Try http://httpd.apache.org/docs/2.2/howto/htaccess.html instead. 3. Check the AllowOverride directive in httpd.conf. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|