httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joshua Slive" <jos...@slive.ca>
Subject Re: [users@httpd] help from httpd.apache.org
Date Tue, 14 Aug 2007 17:59:43 GMT
On 8/13/07, J. R. <jrobertlewis5923@sbcglobal.net> wrote:
> I am running Apache 2.2.4 on 32 x86.System is XP SP2 (DynDNS) and set server
> location. Set DocumentRoot, Set
> <Directory>, AllowOverride ALL,  set htpasswd -c, in Notepad=AuthType Basic
> AuthName "This is a private area, please log in"
>
> AuthUserFile "c:\etc.\my_password_file.txt"

Always use forward slashes in apache config files.

> AuthGroupFile /dev/null

That line is not necessary.

>
> <Limit GET POST PUT>

DON'T DO THAT. See the docs for the <Limit> directive for an
explanation of why it should be simply exluded entirely.

> require valid-user
> </Limit> , saved ".htaccess" in DocumentRoot. SUCCESS!!.

Why are you using .htaccess rather than simply putting this in a
<Directory> section in httpd.conf? See:
http://httpd.apache.org/docs/2.2/howto/htaccess.html#when

> Three resulting
> Problems.
> 1. Login is not secure

What does that mean? Secure in what way?

> 2. User Login window in deopdown includes my hotmail address.

That is a browser issue. Apache is certainly not supplying any default
username info.

> 3. Once logged in, desktop.ini is included in Directory.

In directory listings you mean? You can either use
http://httpd.apache.org/docs/2.2/mod/mod_autoindex.html#indexignore
to exclude certain files from the listing (but leave them accesible to
those that know that they are there) or use
<Files desktop.ini>
Order allow,deny
Deny from all
</Files>

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message