on 6/10/01 2:06 PM, Paul Burney ([EMAIL PROTECTED]) wrote:
> Then in the protected directory, /Library/WebServer/Documents/test, add a
> .htaccess file containing:
>
> Order deny,allow
> Deny from all
Of course, upon further reflection, the following also needs to be added to
the httpd.conf file:
<Files ~ "^\.(ht|HT|Ht|hT)">
Order allow,deny
Deny from all
</Files>
To prevent users from viewing the encrypted form of your password by passing
a request like:
http://somesever/somedir/.Htaccess
The above is untested but it should work.
Sincerely,
Paul Burney
+-------------------------+---------------------------------+
| Paul Burney | P: 310.825.8365 |
| Webmaster && Programmer | E: <[EMAIL PROTECTED]> |
| UCLA -> GSE&IS -> ETU | W: <http://www.gseis.ucla.edu/> |
+-------------------------+---------------------------------+
