httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <jos...@slive.ca>
Subject Re: .htaccess files
Date Wed, 13 Mar 2002 21:33:54 GMT
bdogg wrote:

> First problem, when I edited httpd.conf so that clients could not see
> ht. files, I would get an internal server error when I went to the
> private dir, instead of a login box popping up.  This error would report
> that I had no access to view the files.

What EXACTLY does the error log say?

> 
> So I turned off the hiding of ht. files and moved right along.
> 
> Here is a copy of my ht.access file:
> 
> AuthUserFile C:\WWW\private\ht.passwd
> AuthName "The Secret Page"
> AuthType Basic
> 
> <Limit GET POST>
> require valid-user
> </Limit>

Why do you have the <Limit GET POST> and </Limit> lines?  Do you want to 
ALLOW PUT, DELETE, etc?

> 
> Second problem, I would open a browser and type localhost into the URL
> bar and I was taken to my AutoIndexing ServerRoot directory.  But my
> private dir was not listed (Maybe a feature, I don't know.) 

Yes, a feature.  You don't want to disclose the existance of resources 
to people who aren't allowed to see them.

> So I went
> ahead and type http://localhost/private in the URL bar and I received my
> login prompt.  After filling in the correct username and password (I did
> NOT check the box to remember my password) I was taken to an IE error
> page reporting either a DNS error, or no server was at the URL I
> specified. 

Do you have ServerName set correctly in httpd.conf?

Joshua.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message