Use another directory stanza in your main httpd.conf which references the subdir you want unprotecting. Perhaps .htaccess files are off - and with more than 100 directories, you should leave them off, especially if some are nested. Sent from my BlackBerry® wireless device -----Original Message----- From: Caius <caiuspolgar@xxxxxxxxx> Date: Tue, 13 May 2008 08:20:55 To:users@xxxxxxxxxxxxxxxx Subject: exclude a subdirectory from authentication request im running an apache 2.2.4...Server version: Apache/2.2.4 (Unix)Server built: Jul 30 2007 17:04:39 Below is my generic directory configurationi need some help as im a little lost i have put something like this in my httpd.conf file to protect all my web directory's with user/pass <Directory />AuthType BasicAuthName "Secure BOX"AuthzLDAPAuthoritative OnAuthLDAPURL "ldap://localhost:389/ou=People,dc=testbox,dc=com"Require valid-userAllowOverride All</Directory> And as you know, subsequently all the directories below it are protected as well.I need to keep this logic intact but UN-password protect a subdirectory "/users/public", so i would like to exclude then from authentication mechanism I have read that I could just put another .htaccess file in "/users/public" to override the password protection from the httpd.conf file. #.htaccessOrder Allow,Deny Satisfy Any Allow from all I tried this but it didnt work, meaning that i was still requested for a user/pass Is there some rules/if statement that i can put? or another method that could work the way i want it? PS: i have more then 100 directory's and i dont want to put separately in each an authentication block and only in the directory/subdirectory where i want free access no authentication block Best RegardsCaius Toate cele bune,Caius Polgar ##################################################Deosebim doua tipuri de pedepse. Cu viata si cu moartea#####################################[V. Butulescu]#