By default, it will deny all connections except those user / password combinations that are either in the group groupname (from any domain), or are listed in the require user line -- user1, user2, and user3 from any domain. This .htaccess example does work, as I am using one almost identical to the one below right now on an apache virtual host to protect a "work in progress" from being accessed by the public at large. The closest analogy would be the difference between a mostly open and a mostly closed firewall. In a mostly open firewall, you basically allow connections on any protocol unless you specifically deny it. In contrast, a mostly closed firewall denies connections unless you specifically allow it. This .htaccess would be roughly equivalent to a mostly closed firewall. Michael -- Michael Viron Registered Linux User #81978 Senior Systems & Administration Consultant Web Spinners, University of West Florida At 07:52 PM 08/29/2001 -0500, you wrote: >On Tuesday, Aug 28, 2001, Michael D. Viron wrote: > >> Here's a working .htaccess file >> >> deny from all >> AuthName YourNameHere >> AuthType Basic >> AuthUserFile /path/to/userfile.txt >> AuthGroupFile /path/to/groupfile.txt >> require group groupname >> require user user1 user2 user3 >> satisfy any > >Kind of new to .htaccess too, but wouldn't that 'deny from all' deny >connections from anywhere? There is no 'allow from mydomain' lines or >anything... or 'order deny,allow' or anything similar either. > >-- >Paul Cox <paul at coxcentral dot com> >Kernel: 2.4.7-12.3mdk - Uptime: 8 days 20 hours 34 minutes. > >Want to buy your Pack or Services from MandrakeSoft? >Go to http://www.mandrakestore.com >
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com