httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jacob Coby" <>
Subject Re: [users@httpd] .htaccess file HAS TO BE in Document Directory
Date Tue, 03 Dec 2002 21:28:42 GMT
> Hi,
> I have a question about .htaccess file.
> I have a DocumentRoot declared in the httpd.conf to be /usr/www.
> I also want to protect the /home/cvsroot directory .
> I declared
> <Directory /home/cvsroot>
> AllowOverride AuthConfig
> </Directory>
> in the httpd.conf
> I also have .htaccess in the /home/cvsroot directory.
> Anyway, it didn't work, I didn't get the dialog to prompt for username and
> password.

Some silly questions:
1- what are the restrictions you placed on this directory? I don't see
anything in the snippet you posted that would require a valid-user or ip.
Could you post the .htaccess as well?
2- Is the .htaccess file readable by apache?  You usually want the perms to
be rw-r--r--
3- Is AccessFileName .htaccess or is it something else?  Is it even defined?
4- Anything in the logs?
5- You have mod_auth (_digest) installed and working?

> The question is, can I protect /home/cvsroot directory, even if it is NOT
> under the DocumentRoot dirctory (/usr/www)?

Sure.  Apache always looks for a .htaccess file in the current directory and
then recurses back to the doc root if it doesn't find one.

Some things you might want to try:
- Make it work in httpd.conf.  Ignore .htaccess for now, and just make it
- First make it give you a forbidden message, so you at least know it is
working.  Something like:
Order Allow,Deny
Deny from all
- Once you have it denying you access, take out the deny, and throw in a
require valid-user clause.  Once you get it asking for a user, you can then
make it auth against a passwd file.
- Finally, once you have it working in the httpd.conf, move it out to
.htaccess and work from there.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message