Re: [users@httpd] Several .htaccess

Mon, 07 Aug 2006 09:13:15 -0700 

Hi,

Great ! It works ! I didn't hope a so fast answer !

Thanks a lot !
----- Original Message ----- From: "Joshua Slive" <[EMAIL PROTECTED]> 
To: <users@httpd.apache.org>
Sent: Monday, August 07, 2006 5:42 PM
Subject: Re: [EMAIL PROTECTED] Several .htaccess



On 8/7/06, Marc MENDEZ <[EMAIL PROTECTED]> wrote:

Hi,
The root of our extranet site is protected by a .htaccess file. If the user 
is inside our network, no identification is required. Otherwise, he must
identified.
Here is the file :

AuthUserFile path_to_password_file
AuthGroupFile /dev/null
AuthName ":: INFORMATIONS CONFIDENTIELLES ::"
AuthType Basic

<limit GET POST>
order deny,allow
deny from all
allow from our_network
require valid-user
satisfy any
</Limit>

It works

However, a subdirectory must be restricted differently : if the user is
outside our network, no access !
Here is the second .htaccess
Allow from our_network
Deny from all
This second .htaccess worked 'till I modify the first one to prevent users 
from identifying if they are in our network.

I suppose that as the first .htaccess grants access to the whole website,
the second one is not used.....
How can I urge Apache to use the second one ?


1. Remove the lines <Limit GET POST> and </Limit> which are not needed
and are a possible security risk.  (Read the docs on <Limit> for more
info.)

2. Put "Satisfy all" in the .htaccess in the subdirectory.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
___________________________________________________________________________ Découvrez un nouveau moyen de poser toutes vos questions quelque soit le sujet ! Yahoo! Questions/Réponses pour partager vos connaissances, vos opinions et vos expériences. http://fr.answers.yahoo.com 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to