After reading the somewhat confusing docs on limiting access to a directory, I found that basic authentication with TLS is the recommended way.
I have several virtual hosts running on a TLS-only server and want to limit access to a private directory for just one of the hosts (not that I am using macros for all virtual hosts). The configuration is working well. Now I've added the following at the server context level (outside the virtual host macros) for one specific host: # special private directory only for vhost 2 <Directory /home/web-sites/vh2/public/private> AuthType Basic AuthName "VH2" # (Following line optional) AuthBasicProvider file AuthUserFile /home/web-sites/passwords/vh2.passwordfile Require user Jack </Directory> But I can read the one test file in the directory just fine. Note I have tried putting the directory block before and after the macro definitions but it makes no difference. Do I require something else? Can anyone see what I'm doing wrong? Could it be wrong permissions on the passwords file (ls -l): -rw-r--r-- 1 apache web-content /home/web-sites/passwords/vh2.passwordfile Thanks. Best regards, -Tom --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
