httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [users@httpd] Access Control
Date Sun, 30 Nov 2003 19:53:47 GMT
I am attempting to setup Apache to be very restrictive, and force
all users to authenticate before viewing the content on my web server.
After reading through the authentication documentation, I came up with:

<Directory />
    Options None
    AllowOverride None
    order allow,deny
    deny from all

# Force authentication of everything in the DocumentRoot
<Directory /opt/apache/htdocs>
     Options None
     AllowOverride None
     AuthType Basic
     AuthName "Authentication"
     AuthUserFile /opt/apache/conf/passwd
     Require valid-user

I am not getting prompted with the Basic authentication dialogue box, and
assume that Apache is ignoring the second directive altogether. Does
Apache use the longest or shortest item when evaluating Directory entries?

Thanks for any insight,

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message