httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sfee...@boolecat.com (Steve Feehan)
Subject Re: [users@httpd] .htaccess
Date Mon, 06 Nov 2006 16:57:01 GMT
On Mon, Nov 06, 2006 at 08:13:04AM -0800, Sander Temme wrote:
> 
> On Nov 6, 2006, at 7:34 AM, Dave Challener wrote:
> 
> >HOWEVER... it won't accept any of the userid / password  
> >combinations I give it.
> 
> What are the permissions on /root/SOadmin/.htpasswd, can the web  
> server child processes read it? They do not run as root, so you need  
> world-readable on that file. You might need world-readable on all  
> directories above it, too.
> 
> S.

The file should not be world readable, rather readable by the user
and/or group that apache runs as. The file should generally not be
writable by the apache user/group. So if apache is running as group
'www' then the following permissions would be advisable:

  chown root:www /root/SOadmin/.htpasswd
  chmod 640 /root/SOadmin/.htpasswd

Also, the parent directories don't need to be world readable, but
only executable to the user/group that apache runs as.

-- 
Steve Feehan

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message