Dear Apache Users,I have been looking at a problem for so many hours now that I think it has made me blind.
The below configuration is intended to restrict access to /admin-cgi/ to members of the group "admin", which is defined in a plain text file, whilst users and passwords are in a DBM file.
The problem is that members of other groups are getting access to this directory. Changing "Require group ..." to a non-existent group also has no effect.
As far grep shows, and memory servers, this directory and location are not mentioned elsewhere in the httpd configuration.
Any help appreciated
Thanks in anticipation
Lee
ScriptAlias /admin-cgi/ "/Users/leegoddard/src/www/asite/admin-cgi/"
<Directory "/Users/leegoddard/src/www/asite/admin-cgi/">
Options -Indexes
AuthName "Senior Admin"
AuthType Basic
Require group admin
AuthBasicProvider dbm
AuthDBMType SDBM
AuthDBMUserFile /Users/leegoddard/src/www/asite/auth/northfoto_users.db
AuthGroupFile
/Users/leegoddard/src/www/northfoto2/auth/northfoto_groups.db
</Directory> --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|