> -----Original Message----- > From: Petri Varsa [mailto:[EMAIL PROTECTED] > Sent: Wednesday, June 22, 2005 8:30 AM > To: Michael Martinell; debian-user@lists.debian.org > Subject: Re: secure apache in debian > > I think this should work for you: > > <Location /> > AuthType Basic > AuthUserFile /etc/apache2/ssl/user_auth > AuthName "Test" > Require valid-user > </Location> > > Put this in under the <VirtualHost> section. Then use the htpasswd > program to create the /etc/apache2/ssl/user_auth file. > > -petri > > > On 6/22/05, Michael Martinell <[EMAIL PROTECTED]> wrote: > > > > > > > -----Original Message----- > > > From: Jon Dowland [mailto:[EMAIL PROTECTED] > > > Sent: Wednesday, June 22, 2005 6:24 AM > > > To: debian-user > > > Subject: Re: secure apache in debian > > > > > > Michael Martinell wrote: > > > > > > > What is the best way to secure an entire site in apache? I have 3.1 > r0 > > > and > > > > have installed the apache package. Basically I want 1 user to be > able to > > > > access any directory or folder that exists now or will ever exist in > the > > > > future in the /var/www path. > > > > > > You'll have to be a bit more specific. When I read 'secure' I think, > > > 'secure transmission' and you mean setting up HTTPS. However, it > sounds > > > like what you're really after is realm-based HTTP authentication. > > > > > > > > > -- > > > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > > > with a subject of "unsubscribe". Trouble? Contact > > > [EMAIL PROTECTED] > > > > I have an in-house server for administrators, technicians and such to > get > > install files and so forth off of. I do not really want the casual user > to > > be able to access this server and install software without approval. > Since > > security isn't real high here I thought a single log in would be ok. I > > thought there was a way to put some entries into httpd.conf that would > cause > > the whole server, no matter what page it served up to prompt for a > password. > > > > > > -- > > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > > > >
This solution was exactly what I needed. I had tried this before, however I had not put it in the VirtualHost section. That did make all of the difference for me. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
