httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sander Temme <>
Subject Re: [users@httpd] How to protect awstats page
Date Mon, 09 Apr 2007 17:20:17 GMT

On Apr 9, 2007, at 4:38 AM, Mário Gamito wrote:

> is located outside Apache's DocumentRoot in
> /usr/local/awstats/wwwroot/cgi-bin
> I put there a .htaccess file with the following contents:
> "AuthUserFile /usr/local/awstats/wwwroot/cgi-bin/.htpasswd
> AuthName "stats"
> AuthType Basic
> require valid-user"
> but it doesn't work, the page is unprotected.

You'll need to have AllowOverride set to (at least) AuthConfig for  
the directory. For instance, the default configuration file has a

<Directory />
   Options FollowSymLinks
   AllowOverride None

Change that AllowOverride None to AllowOverride AuthConfig, and  
you're good.  Alternatively, you can put the configuration language  
in a <Directory> block in your httpd.conf, which takes away the need  
for .htaccess altogether.


Open Source Software Consultant
PGP FP: 51B4 8727 466A 0BC3 69F4  B7B8 B2BE BC40 1529 24AF

ApacheCon 2007 Europe, May 1-4 in Amsterdam

View raw message