httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joshua Slive" <>
Subject Re: [users@httpd] help from
Date Tue, 14 Aug 2007 17:59:43 GMT
On 8/13/07, J. R. <> wrote:
> I am running Apache 2.2.4 on 32 x86.System is XP SP2 (DynDNS) and set server
> location. Set DocumentRoot, Set
> <Directory>, AllowOverride ALL,  set htpasswd -c, in Notepad=AuthType Basic
> AuthName "This is a private area, please log in"
> AuthUserFile "c:\etc.\my_password_file.txt"

Always use forward slashes in apache config files.

> AuthGroupFile /dev/null

That line is not necessary.

> <Limit GET POST PUT>

DON'T DO THAT. See the docs for the <Limit> directive for an
explanation of why it should be simply exluded entirely.

> require valid-user
> </Limit> , saved ".htaccess" in DocumentRoot. SUCCESS!!.

Why are you using .htaccess rather than simply putting this in a
<Directory> section in httpd.conf? See:

> Three resulting
> Problems.
> 1. Login is not secure

What does that mean? Secure in what way?

> 2. User Login window in deopdown includes my hotmail address.

That is a browser issue. Apache is certainly not supplying any default
username info.

> 3. Once logged in, desktop.ini is included in Directory.

In directory listings you mean? You can either use
to exclude certain files from the listing (but leave them accesible to
those that know that they are there) or use
<Files desktop.ini>
Order allow,deny
Deny from all


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message