Hi, I'd like to restrict access to 1 of several cgi scripts on my website to authorized users only. Problem is, after configuring httpd.conf, .htaccess, .passwd, anyone can still run the script. I created the .passwd file with htpasswd -c myfilename myusername. Of course, I restarted apache after all changes to httpd.conf with apachectl restart. No errors. I've poured over the Apache documentation on their website, and Googled all day yesterday, no joy. The error log shows *nothing* related to execution of this script. The access log shows nothing other than the GET line for this script. Any help would be appreciated.
Here are some relevant sections from httpd.conf (I'll post the entire 38k file if allowed.) # Dynamic Shared Object (DSO) Support # # To be able to use the functionality of a module which was built as a DSO you # have to place corresponding `LoadModule' lines at this location so the # directives contained in it are actually available _before_ they are used. # Statically compiled modules (those listed by `httpd -l') do not need # to be loaded here. # # Example: # LoadModule foo_module modules/mod_foo.so # LoadModule access_module libexec/apache2/mod_access.so LoadModule auth_module libexec/apache2/mod_auth.so [snip] # DocumentRoot: The directory out of which you will serve your # documents. By default, all requests are taken from this directory, but # symbolic links and aliases may be used to point to other locations. # DocumentRoot "/usr/local/www/data" # # Each directory to which Apache has access can be configured with respect # to which services and features are allowed and/or disabled in that # directory (and its subdirectories). # # First, we configure the "default" to be a very restrictive set of # features. # <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /usr/local/www/cgi-bin> AllowOverride AuthConfig </Directory> Here is the .htaccess file which resides in /usr/local/www/cgi-bin: <Files "myscript.cgi"> Options ExecCGI AuthType Basic AuthName "Password Required" AuthUserFile /usr/local/www/.passwd # Not the best location for this file, I know. Require valid-user </Files> Thanks, Charles Got a computer with idle CPU time? Join [EMAIL PROTECTED] and help make history! http://setiathome.ssl.berkeley.edu/ _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"