httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joshua Slive" <jos...@slive.ca>
Subject Re: [users@httpd] Setup htpasswd on directory but allow access to index file
Date Thu, 19 Apr 2007 19:16:24 GMT
On 4/19/07, Ben Roberts <list-support@headsnet.com> wrote:
> Hello there,
>
> I need to setup htpasswd protection on a web directory served by Apache.
>
> I also need to permit access to the index file in the specified
> directory, but block access to any other files or subdirectories.
>
> So I'm using a configuration like this:
>
> <Files index.php>
>         Order deny,allow
>         Allow from all
> </Files>
>
> <Directory "/home/username/www">
>         AuthType Basic
>         AuthName "Private Area"
>         AuthUserFile /home/username/.htpasswds
>         require user bill ben
> </Directory>
>
>
> Can anybody tell me why my override of the password protection for
> index.php files is being ignored?

Because host-based (Allow) and password-based (Require) access control
are orthogonal.

You can fix your problem by adding "Satisfy Any" to the <Files> block.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message