httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Noel Stratton" <nstrat...@membersonline.org>
Subject RE: [users@httpd] .htaccess help
Date Sun, 09 Jul 2006 00:34:29 GMT
Is there a way to make the subdirectory .htacces file override the root?  

Sorry to top post, but that is how my pocket pc replies.

-----Original Message-----
From: "Joshua Slive" <joshuaOn 7/7/06, Noel Stratton <nstratton@membersonline.org>
wrote:
> Here is my .htaccess configuration in my root directory:
>
> Options +ExecCGI
> order deny,allow
> deny from all
> allow from 10.13.1.
> allow from 10.13.2.
> allow from 10.13.3.
> allow from 10.13.4.
> satisfy any
> AuthName "Members 1st Credit Union Employees Only"
> AuthType Kerberos
> Krb5Keytab /etc/auth_kerb.keytab
> KrbAuthRealm MEMBERSONLINE.LOCAL
> KrbMethodNegotiate off
> KrbSaveCredentials off
> KrbVerifyKDC off
> Require valid-user
>
> This web server is used as a company intranet site.  However, my boss
> would like it where employees can view the intranet site from home.
> This configuration will make it where users inside my network do not
> have to authenticate.  If they are outside of the network they will have
> to authenticate to active directory.  This is working really well.
>
> Here is my problem.  I have a couple of sub-directories that I do not
> want to be accessible outside of my network.  I put an .htaccess
> configuration in the subdirectory like this:
>
> order deny,allow
> deny from all
> allow from 10.13.1.
> allow from 10.13.2.
> allow from 10.13.3.
> allow from 10.13.4.
>
> When I navigate to the subdirectory I am prompted with the
> authentication box instead of the forbidden page.  After an hour of
> research I came out confused and could not get a clear answer on this:
>
> Does a .htaccess file in a subdirectory over ride the .htaccess file in
> the root directory?
> Does a ..htaccess file in a subdirectory merge with a .htaccess file in
> the root directory?

They are merged.

You can probably get what you want by putting
Require user non-existent-user
in the sub-directory .htaccess files.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message