I am sorry if I was unclear before. I have the latest version (1.2.1) installed on our server. My document root is /ftp/www. I wish to limit user access to /ftp/www/Program/setform directory by creating a .htaccess file in that directory. The .htaccess is as follows:
AuthUserFile /usr/local/etc/httpd/conf/priv.passwd AuthName Vader AuthType Basic <Limit FORM POST GET> order deny,allow deny from all allow from ed.gov dsti.com require user setform </Limit> To test the .htaccess file, I remove the "allow" line completely and I was still able to access the /ftp/www/Programs/setform (http://vader.ed.gov/Programs/setform/) directory. If I use the same .htaccess file and put it under my home directory (/export/home/giao/public_html), then it would work. Next, I tried to put move the configuration from the .htaccess file to access.conf file. Below is my access.conf file: <Directory /ftp/www> Options Indexes FollowSymLinks AllowOverride None order allow,deny allow from all </Directory> <Directory /usr/local/etc/httpd/cgi-bin> AllowOverride None Options None </Directory> <Location /ftp/www/Programs/setform> AuthUserFile /usr/local/etc/httpd/conf/priv.passwd AuthName Vader AuthType Basic <Limit POST GET> order deny,allow deny from all allow from ed.gov dsti.com require user setform </Limit> </Location> I tried "Kill -HUP" and I also tried killing all the server and restart. I would appreciate your help in this matter. Thanks. Giao Tran On Mon, 14 Jul 1997, Marc Slemko wrote: > Synopsis: Server bypass .htaccess files authorization configuration in > access.conf file. > > State-Changed-From-To: open-analyzed > State-Changed-By: marc > State-Changed-When: Mon Jul 14 07:54:12 PDT 1997 > State-Changed-Why: > I'm sorry, I can not even begin to understand what you are > talking about. I can assure you that the server doesn't > magically bypass access restrictions. If we are to have > any hope of helping, you need to say exactly what you are > doing and what you think it should do. > >
