httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stephen Bopple" <stephen.bop...@epa.state.oh.us>
Subject Re: help setting up .htaccess with virtual hosts
Date Tue, 09 Apr 2002 14:27:13 GMT
In the main configuration area of httpd.conf I have following:

<Directory />
  Options     FollowSymLinks
  AllowOverride    None
</Directory>

then later I have:

AllowOverride    Authconfig
#AccessFilename    .htaccess

In a virtual hosting account you'll find (forgive artistic license here)

<Virtual....

DocumentRoot    /home/mojo/secksz
<Directory /home/mojo/secksz/ummm>
Options +Indexes
</Directory

</Virtual...>

So I think I like the idea of setting authentication without the use of .htaccess - although
I've noticed that some
weblog packages require .htaccess to be enabled.

If I understand correctly I'll do the following:


<Directory  /home/mojo/secksz/ummm>
Options   +Indexes
AuthType    Basic
AuthName   "Member Section"
AuthUserFile  /home/mojo/password
require    valid-user
</Directory>

I'll use the htpassword function to creat the password file, yes?  And the purpose of AuthName
- this is the text that will show up in the username/password box which shows up?


Thanks again

__________________________________________________________

>.htaccess allows you to put a certain subset of directives in a local
>file which will apply only to the directory that the .htaccess file
>appears in... provided you have said "AllowOverride <something>" in
>httpd.conf. Often, people put the directives necessary for
>authentication (password access) into a .htaccess file - but it's not
>essential that they go there. 

>Personally, I find that .htaccess files give the user so much rope that
>he usually ends up shooting himself in the foot. So I disable .htaccess
>globally (AllowOverride None at the docroot), then I set up
>authentication in a <Directory> container. All you need is:

><Directory /path/to/protected/dir>
>   AuthType            Basic
>    AuthName            "Member Section"
>    AuthUserFile        /path/to/password/file
 >   require             valid-user
></Directory>

>If you insist on using .htaccess, put the four mod_auth directives in
>the .htaccess file, then do;

><Directory /path/to/protected/dir>
>    AllowOverride All
></Directory>

>in the config.

>Rgds,

Owen Boyle.


Steve Bopple, P.E.
Environmental Engineer, Ohio EPA
330-963-1199 (direct)
stephen.bopple@epa.state.oh.us

"Seabees - We Build, We Fight"


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message