>>>> I am trying to password protect a sub directory within the web space of
>>>> a>>>> domain that is serving site statistics of awstats generated pages.
>>>> The path>>> > to the dir is /home/user1/www/awstats. When testing, I am
>>>> able to get a>>> > username and password prompt for the front page of the
>>>> site, i.e. for>>> > www.mydomain.com, when I place the .htaccess file in
>>>> www. But I can't get a>>> > functional prompt for www.mydomain.com/awstats
>>>> when I place the .htaccess in>>> > the awstats dir. The login box comes up
>>>> but it won't accept my username>>> > password combo, even though it will
>>>> accept it when I have the same .htaccess>>> > file in the www dir.>>> >>>
>>>> See:>>> http://httpd.apache.org/docs/2.2/howto/htaccess.html>>> >>> Your
>>>> problem is that you don't have AllowOverride set correctly for>>> the
>>>> relevant directory. But beyond that, you probably don't want to be>>>
>>>> using .htaccess at all. Just put the directives in the relevant>>>
>>>> <Directory> section in httpd.conf.>>> >>> Jo
shua.>>>>Thanks Joshua,>> >>I read the above DOC you posted thanks. Just to
clarify, do you>>reccomend that I use the <Directory> method in the main
httpd.conf file>>as described in the above, instead ot .htaccess?> >Oops, just
re read your post :) appears that's what you meant.
OK I took the advice and have been trying to set up http username and password
logins without using .htaccess files inside the web accessible directory I am
trying to password protect. I checked my AllowOverride settings in httpd.conf
and they appear to be set correctly and I’m still not getting a login prompt
which accepts the correct username and password I type in for the script
aliased directory. I posted all of my AllowOverride settings in the main
httpd.conf file at the end of this post.
I am trying to use the <Location> tag instead of the <Directory> tag within
individual virtual domain httpd.conf files – files which were enabled by the
main httpd.conf file’s “Include conf.d/*.conf” directive. In other words, I
have virtual domain files - www.domain1.con.conf , www.domain2.com.conf , and
so on in the /etc/httpd/conf.d directory which all contain (so far only) my
virtual host tags for those domains.
Is using the <Location> tag advisable (or possible), instead of using the
<directory> tag in my virtual host .conf files to enable username password
logins?
I read this as a good method in my Apache 2.0 Wrox book, it’s a bit out dated
though, and I’m using Apache 2.2 on a Centos 5.1 box.
The tag I just added to one of my test virtual domain files is this:
<Location /home/mydirectory/www/awstats>
AuthName "MembersOnly"
AuthType Basic
AuthUserFile /home/mydirectory/.htpasswd
Require user testuser
</Location>
The above virtual domain file includes the tag:
<VirtualHost 12.345.678.910:80>
ServerAdmin [EMAIL PROTECTED]
DocumentRoot /home/mydirectory/www
ServerName www.blabla.com
ServerAlias blabla.com
ErrorLog logs/blabla.com-error_log
CustomLog logs/blabla.com-access_log combined
ScriptAlias /awstats/ "/usr/local/awstats/wwwroot/cgi-bin/"
</VirtualHost>
After reloading apache and going to http.www.blabla.com, I did get a popup
login box, but when I type in my username and password it won’t take it, even
though I’m sure it’s the correct combo created by htpasswd –c .htpasswd
testuser.
Any hints or suggestions as to what I am doing wrong?
Below are the AllowOverride settings in httpd.conf:
<Directory />
Options FollowSymLinks
AllowOverride AuthConfig
</Directory>
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<Directory "/var/www/icons">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
<Directory "/var/www/error">
AllowOverride None
Options IncludesNoExec
AddOutputFilter Includes html
AddHandler type-map var
Order allow,deny
Allow from all
LanguagePriority en es de fr
ForceLanguagePriority Prefer Fallback
</Directory>
<IfModule mod_include.c>
<Directory "/var/www/error">
AllowOverride None
Options IncludesNoExec
AddOutputFilter Includes html
AddHandler type-map var
Order allow,deny
Allow from all
LanguagePriority en es de fr
ForceLanguagePriority Prefer Fallback
</Directory>
In a rush? Get real-time answers with Windows Live Messenger.
_________________________________________________________________
Express yourself wherever you are. Mobilize!
http://www.gowindowslive.com/Mobile/Landing/Messenger/Default.aspx?Locale=en-US?ocid=TAG_APRIL
