httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jacob Coby" <>
Subject Re: [users@httpd] how do i leave only DocumentRoot open; all other directories require Auth
Date Tue, 10 Dec 2002 18:06:29 GMT
> i am trying to set up a site in such a way that everything requires
> Authentication with the sole exception of the DocumentRoot.


> The only option i can see is to create .htaccess files for every
> directory in my site _except_ my DocumentRoot.

One option is to make the rest of your site live off of a single branch of
the document root, and have the .htaccess with the auth requirements in it.
.htaccess files are recursive in nature, so if it doesn't find one in ., it
looks in ../, and then ../../ until it reaches document root.

So, you would have:

Anything you try to access from /site/* will require auth since there is a
.htaccess in /documentroot/auth, but your index.html should be allowed out
to everyone.

Another option is to use virtual hosts, and have be publicly
available, but have require authorization.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message