[In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ]
Synopsis: interaction between "allow/deny" and "require" is not clearly documented State-Changed-From-To: open-closed State-Changed-By: lars State-Changed-When: Tue Jul 21 16:11:53 PDT 1998 State-Changed-Why: The behaviour you describe is correct (it's a feature :-). If you use Require and Satisfy Any in a subdirectory you tell Apache that everyone can access the resource with the correct id/password. If you want to limit the access to one or more domains you have to use the deny directive for the directory or parent directory. If you've limited access in one directory and want to make a sub-directory accessible to everyone it is always possible to use "order allow,deny" and "allow from all". But all this *is* explained in the documentation.