first, make a .htaccess file e.g.
AuthUserFile /path/to/.htpasswd AuthName "My protected pages" AuthType Basic require valid-user -- next ..make the password cd to /path/to (or wherever your password file is stored) and run htpasswd -c <username> ( dont use the <>'s of course) it will prompt for a password twice, and add the user. -- then make sure the directory has the right optiosn to run the htaccess stuff. im sure there is a more secure way to do it but the fastest way would be to add this to your access.conf: <Directory /path/to/protected/stuff> Options ALL AllowOverride All Order deny,allow Allow from all </Directory> and at the same time restrict access to .htaccess and .htpasswd so people just can't load them on demand. (srm.conf) <Files .htaccess> order allow,deny deny from all </Files> <Files .htpasswd> order allow,deny deny from all </Files> and uncomment the following line in srm.conf if its not done already: AccesFileName .htaccess it SHOULD work then ..at least it does for me. be sure to watch the server's logs when testing it. anything from bad permissions to bad access rights in access.conf can screw it over. hope this helps/works nate ----------------------------------------[mailto:[EMAIL PROTECTED] ]-- Vice President Network Operations http://www.firetrail.com/ Firetrail Internet Services Limited http://www.aphroland.org/ Everett, WA 425-348-7336 http://www.linuxpowered.net/ Powered By: http://comedy.aphroland.org/ Debian 2.1 Linux 2.0.36 SMP http://yahoo.aphroland.org/ -----------------------------------------[mailto:[EMAIL PROTECTED] ]-- 11:52am up 75 days, 23:19, 1 user, load average: 0.34, 0.28, 0.28 On Wed, 3 Nov 1999, SGaerner wrote: > Hi! > > I need info about the .htaccess and htpasswd files that can restrict user > access > to html-files. > > Bye > > > -- > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null >